On 31-Jan-2007, Reinhard Mueller wrote:
As far as I can tell, the message header fields indicate the mail has been sent from aso10.internetdsl.tpnet.pl, which is clearly not an address under FSFE's control.
Right. I missed the original Received field.
Received: from [192.168.0.202] (aso10.internetdsl.tpnet.pl [83.17.226.10]) by gadolin.fsfeurope.org (Postfix) with ESMTP id 6793B444002 for discussion@fsfeurope.org; Wed, 31 Jan 2007 09:26:51 +0100 (CET)
The From: header is obviously forged.
Yes, I never believe that field on suspected spam :-)
So there's not much we can do, unfortunately.
I thought for a while that the sender might be spoofing as an FSFE machine, in which case it can be rejected immediately once it gives its HELO; but that's not the case.
Thanks for investigating.