E-mail Redirection?
-
Hi,
I know that it's completely off-topic for pfSense, but I thought because pfSense is about security maybe someone could shed some light on this weird e-mail redirection, or I'm not even sure what to call it. So I have domain e-mails with the internet service provider in Colombia, South America, called UNE. The issue was when I checked the source code of one of the e-mails I received through Outlook, it shows another email that I never added.
Ex: patri@hotmail.com ---- administracion@domain.com ---- jose@domain.com
User administracion@domain.com received the email, but when I check the source code in Outlook it shows this other person called jperez@danisa.com.co. So then I called UNE (the email provider) and told them this, and they checked to see if it was adding a copy to another recipient and nothing was there. I also checked the computer for malware and viruses and found nothing. I was wondering if someone could help me out, or where should I start looking?
Also Patri@hotmail is a known person so it should not be spam, but what I don't understand is where is this jperez@danisa.com.co coming from?
Here is the source code
http://pastebin.com/yb6sjKwQ
And see the pictures: it starts from patri@hotmail.com, who writes to administracion@domain.com, then the user forwards the email to jvalencias@domain.com
Thank you
-
Where are the headers of the email? This is kind of useless.. Really need to see the HEADERS!!!
-
Hi johnpoz, thank you so much for the reply. Sorry, I forgot to add the headers. Does this help?
http://pastebin.com/kYMnsjx8
So jvalencias@domain.com sent me this email, which for some reason has this odd jperez@danisa.com.co
Not sure where it comes from or how. Maybe email spoofing?
Thank you :)
-
X-SID-PRA: jdvalencias@domain.com
This is the primary address contact record for your email server's SenderID configuration. This doesn't mean that this person sent you the email. It means that questions about your mail server's SenderID config should be sent to jdvalencias@domain.com (which is likely bogus). Ignore it, or find your mail server's config and change it. It's just a text field and can be blank.
-
Hi KOM, thank you for the reply.
Sorry for not being clear. jdvalencias@domain.com sent me the e-mail (killmasta93@hotmail.com) because I needed to see the source code from the previous e-mail, which has the jperez@danisa.com.co.
So this is the order in which the e-mail has been sent:
Patri@hotmail.com --- to --- administracion@domain.com --- forwards to --- jdvalencias@domain.com --- forwards to --- killmasta93@hotmail.com
I guess the real question is why jperez@danisa.com.co appears in the source code.
Thank you
-
We need to see the headers, not some mail client screenshots.
-
I don't see anything in the headers for that email. So you can put anything you want in the body of a message.. Who sent the original message?
Source was created by
name=Generator content="Microsoft Word 15
In the source there is clearly a link that has a different name on it than in the link
[cvalencias@domain.com](jperez@danisa.com.co)
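
The mismatch pointed out above, a link that displays one address while pointing at another, can be checked for mechanically in a saved HTML message body. The following is an added example and not part of the original thread; it assumes the link is a `mailto:` anchor (the thread only shows it in rendered form), and the sample body and the names `MailtoAudit` and `mismatched_mailto` are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

SAMPLE = (  # constructed body, modelled on the link quoted in the thread
    '<p>De: <a href="mailto:jperez@danisa.com.co">cvalencias@domain.com</a></p>'
    '<p>Para: <a href=mailto:administracion@domain.com>administracion@domain.com</a></p>'
)

class MailtoAudit(HTMLParser):
    """Collect (visible_text, mailto_target) for every <a href="mailto:...">."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links = []
        self._target = None  # target of the mailto anchor currently open
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = (dict(attrs).get("href") or "").strip()
            if href.lower().startswith("mailto:"):
                # urlsplit drops ?subject=...; unquote decodes %40 and similar
                self._target = unquote(urlsplit(href).path).lower()
                self._text = []

    def handle_data(self, data):
        if self._target is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._target is not None:
            self.links.append(("".join(self._text).strip(), self._target))
            self._target = None

def mismatched_mailto(html):
    """Return links whose visible text shows an address that is not a target."""
    parser = MailtoAudit()
    parser.feed(html)
    parser.close()
    findings = []
    for text, target in parser.links:
        shown = {m.lower() for m in EMAIL_RE.findall(text)}
        targets = {t.strip() for t in target.split(",")}
        if shown and not shown <= targets:
            findings.append((text, target))
    return findings

print(mismatched_mailto(SAMPLE))
```

Links whose visible text is a name rather than an address are not flagged, since there is nothing to compare against.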
-
Thanks for the reply, johnpoz.
So I got another e-mail, with headers directly from Outlook and the source code:
Administracion@domain.com --- to --- Jvalencias@domain.com
What I also found out was interesting: all the e-mails that get sent to this @domain.com for some reason have
[cvalencias@domain.com](jperez@danisa.com.co)
Even if cvalencias@domain.com never gets mentioned in the email.
What is also funny is that jperez@danisa.com.co uses the same e-mail provider (UNE) as cvalencias@domain.com :o
I'm considering changing e-mail providers :(
http://pastebin.com/6dsQisU9 ---- New source code on Outlook
http://pastebin.com/8FSwmaH5 ---- New header
Thank you again and sorry for the confusion.
-
So can I send you an email and see if it gets added?
-
Sure, let me PM you :)
Thank you
-
Not seeing any PM…
-
Sorry for the delay, just sent it ;)
Thank you
-
Ok, just sent a message to all of them in the same format:
to: emailaddress
subject: test message to emailaddress
This is test message per thread on pfsense forum about strange email getting added to messages.
Let me know what you get..