NO SPAM ever sent from mkolar.org!!!

Somebody has been sending for several weeks commercial spam with spoofed From: field in the header containing various fictitious addresses from the mkolar.org domain. I have learned about it only because some of these spoofed e-mails are being returned to mkolar.org because they are undeliverable.

NONE OF THESE ORIGINATED FROM THIS SITE!

If you ever got such an e-mail, you can verify this fact by reading carefully its full header. Here you can find out more: Reading Email Headers.

Here is a recent example of an e-mail pretending to originate from this site:

Message-ID: <001901c67b26$68706dbe$97e26a55@si.bvzxya>
From: "Bridget Mcginnis" <oevb@mkolar.org>
To: <del_piero@juventus.it>
Subject: onus max
Date: Fri, 19 May 2006 12:18:02 +0300
MIME-Version: 1.0
Content-Type: multipart/related;
	type="multipart/alternative";
	boundary="----=_NextPart_000_0015_01C67B3F.8DBDA566"

This is a multi-part message in MIME format.

------=_NextPart_000_0015_01C67B3F.8DBDA566
Content-Type: multipart/alternative;
	boundary="----=_NextPart_001_0016_01C67B3F.8DBDA57C"
.......

There is no e-mail account oevb@mkolar.org.
The true origin of each e-mail gives the first in time (positioned last in the header) Received field of the header (I marked it in red above). It says that this e-mail was sent from IP address 85.106.226.151 which actually belongs to the ttnet.net.tr domain in Turkey!!!
You can see that in this case a relay site in Italy (second line of the header) correctly guessed that the header is forged (may be forged).

I found about this particular e-mail only because it's intended recipient also doesn't exist, and so the e-mail was returned to the forged Return Path in the first line of the header, accompanied with this note:

   ----- The following addresses had permanent fatal errors -----
<del_piero@juventus.it>
    (reason: 550 5.0.0 <del_piero@juventus.it>... No such user here)

May 19, 2006, mk