i’m having issues with a spam email messages being sent from my centos 5 vps with DA installed on it.
actually, it is weird to me because there is nothing wrong on the vps. the email I got from spamcop is having the following email headers:
1. Received: from my.vps-hostname.com (my.vps-hostname.com [XXX.XXX.XXX.XXX])
by homiemail-mx21.g.dreamhost.com (Postfix) with SMTP id 26F986D89F5
2. Received: from caibbdcaaaaf.dreamhost.com (HELO homiemail-mx21.g.dreamhost.com) (18.104.22.168)
by mxin2.cesmail.net with SMTP; 13 Jul 2012 21:12:00 -0000
3. Received: from unknown (192.168.1.86)
by filter7.cesmail.net with QMQP; 13 Jul 2012 21:09:28 -0000
4. Received: from unknown (HELO filter7.cesmail.net) ([192.168.1.217])
by c60.cesmail.net with SMTP; 13 Jul 2012 17:09:36 -0400
5. Received: from c60.cesmail.net (c60.cesmail.net [22.214.171.124])
(using TLSv1 with cipher RC4-SHA (128/128 bits))
(No client certificate requested)
by homiemail-mx22.g.dreamhost.com (Postfix) with ESMTPS id C90CF200F11
then I came up with the following URL http://www.spamcop.net/fom-serve/cache/385.html and I scanned my vps using rkhunter and maldetect and everything was ok.
in the email from spamcop they’re saying that my server’s IP is an open proxy and that’s how the emails were sent but I do not have such proxy on my vps and am little confused regarding this.
so can someone shed-light me on this, how am I supposed to track and fix this issue down?