<P>Thanks a lot, Rolf</P> <P>I've changed the entry.</P> <P>Cheers!</P>

<P>Hi Folks</P> <P>Today we received some spam which came in from an address that is in a banned range.</P> <P>MercuryS SMTP Server's connection control is set up so that 0.0.0.0 to 255.255.255.255 is refused. The only address ranges allowed are those which are used by MessageLabs and a single address for a separate domain. None of the allowed address ranges encompass the IP address that the spam email originated from.</P> <P>Here's the email:</P> <P>Received: from spooler by apsarchaeology.co.uk (Mercury/32 v4.62); 6 Mar 2009 09:48:31 -0000 X-Envelope-To: Electronic Postmaster <Admin@apsarchaeology.co.uk> To: Electronic Postmaster <Admin@apsarchaeology.co.uk> From: Electronic Postmaster <postmaster@apsarchaeology.co.uk> Date: Fri, 6 Mar 2009 09:48:20 -0000 Subject: Postmaster Notify: Delivery Failure. MIME-Version: 1.0 Content-type: multipart/mixed; boundary=28209.740667140 X-PMFLAGS: 570949760 0 1 YWURDGYK.CNM                       </P> <P>This message is in MIME format. If you are seeing this text, then your mailer does not understand this format properly.</P> <P>--28209.740667140 Content-type: Text/Plain; charset=US-ASCII Content-Disposition: Inline Content-Description: Reason for delivery failure.</P> <P>The attached message has failed delivery and has been referred to you as postmaster. The following error report or reports were given to explain the problem:</P> <P>   *** <u@apsarchaeology.co.uk>    User <u@apsarchaeology.co.uk> not known at this site.</P> <P>--28209.740667140 Content-type: Message/RFC822</P> <P>From: Mail Delivery System <postmaster@apsarchaeology.co.uk> To: <u@apsarchaeology.co.uk> Date: Fri, 6 Mar 2009 09:48:09 -0000 Subject: Delivery failure notification MIME-Version: 1.0 Content-Type: Multipart/Report; boundary=Part_Boundary-2C2582F3</P> <P>--Part_Boundary-2C2582F3 Content-type: Text/plain; charset=US-ASCII Content-description: Mail delivery failure report Content-disposition: Inline</P> <P>With reference to your message with the subject:    "Casino St. Valentine's Day"</P> <P>The local mail transport system has reported the following problems it encountered while trying to deliver your message:</P> <P>-------------------------------------------------------------------</P> <P>--- Problems not related to specific addresses in the message: Job has invalid or illegal from address. *** <enquiries@apsarchaeology.co.uk> -------------------------------------------------------------------</P> <P>Your mail message is being returned to you in the next part of this message.</P> <P>Should you need assistance, please mail greenman@apsarchaeology.co.uk.</P> <P>--Part_Boundary-2C2582F3 Content-type: Message/RFC822 Content-description: Contents of original mail message</P> <P>Return-path: <u@apsarchaeology.co.uk> Received: from A-YJZJ5ICO29RPP (151.66.202.210) by apsarchaeology.co.uk (Mercury/32 v4.62) ID MG000195;    6 Mar 2009 09:48:06 -0000 Received: from [151.66.202.210] (port=48734 helo=151.66.202.210)         by mail.apsarchaeology.co.uk with esmtp         id bda41a-39ab34-56         for enquiries@apsarchaeology.co.uk; Fri, 06 Mar 2009 10:48:51 +0100 Message-ID: <49B0F183.9080802@apsarchaeology.co.uk> Date: Fri, 06 Mar 2009 10:48:51 +0100 From: "Anita" <u@apsarchaeology.co.uk> User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: "Dean" <enquiries@apsarchaeology.co.uk> Subject: Casino St. Valentine's Day Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit</P> <P>Please, to win in our casino now! >address removed by Greenman<</P> <P mce_keep="true"> </P> <P> --Part_Boundary-2C2582F3--</P> <P> --28209.740667140--</P> <P>Does anyone have any thoughts about how this ended up being delivered to us? All email that is addressed to apsarchaeology.co.uk is delivered by MessageLabs and has a banner appended to the bottom stating it has been scanned by the MessageLabs system. As you can see, no such banner exists on this message.</P> <P>Cheers!</P>

<p>Try changing the restricted range to 0.0.0.1 - 255.255.255.255.</p><p>/Rolf  </p>