Hello Support

 

Our hosting servers seem to be receiving bank phishing spam mail from one of your IP addresses.  Could you please look into this?

 

We have included the headers of one of these mails below.

 

If you have any questions, please feel free to contact us.

Kind Regards

Stephen Waters
www.ChoiceHosting.co.za

Tel.     0878 058 729
Email: support@choicehosting.co.za

 

 

Return-path: <internet@absa.co.za>

Envelope-to: support@choicehosting.co.za

Delivery-date: Mon, 14 Dec 2009 07:16:33 +0200

Received: from mx.bsslaw.net ([194.154.196.196])

            by host.choiceserver1.com with esmtp (Exim 4.69)

            (envelope-from <internet@absa.co.za>)

            id 1NK3IK-0007rG-Fv

            for support@choicehosting.co.za; Mon, 14 Dec 2009 07:16:29 +0200

Received: from MAIL-SERVER.BSSLAW.local (Not Verified[192.168.10.1]) by mx.bsslaw.net with MailMarshal (v6,7,2,8378)

            id <B4b25ca050000>; Mon, 14 Dec 2009 06:15:49 +0100

Received: from User ([41.28.112.10]) by MAIL-SERVER.BSSLAW.local with Microsoft SMTPSVC(6.0.3790.3959);

             Mon, 14 Dec 2009 06:15:48 +0100

From: "ABSA ONLINE"<internet@absa.co.za>

Subject: {Spam?} {Disarmed} ACCOUNT NOTIFICATION

Date: Mon, 14 Dec 2009 05:16:12 -0000

MIME-Version: 1.0

Content-Type: text/html;

            charset="Windows-1251"

Content-Transfer-Encoding: 7bit

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2600.0000

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

Bcc:

Message-ID: <NODE01PXCFbN4TZyabY000001c6@MAIL-SERVER.BSSLAW.local>

X-OriginalArrivalTime: 14 Dec 2009 05:15:48.0833 (UTC) FILETIME=[7F60F510:01CA7C7C]

X-Choicehosting-MailScanner-Information: Please contact the ISP for more information

X-Choicehosting-MailScanner-ID: 1NK3IK-0007rG-Fv

X-Choicehosting-MailScanner: Found to be clean

X-Choicehosting-MailScanner-SpamCheck: spam, SpamAssassin (not cached,

            score=11.434, required 5, FORGED_MUA_OUTLOOK 4.20,

            FORGED_OUTLOOK_HTML 0.00, FORGED_OUTLOOK_TAGS 0.00,

            HTML_IMAGE_ONLY_28 1.52, HTML_MESSAGE 0.00, MIME_HTML_ONLY 1.67,

            MISSING_HEADERS 1.58, SPF_SOFTFAIL 0.65, SUBJ_ALL_CAPS 1.81)

X-Choicehosting-MailScanner-SpamScore: sssssssssss

X-Choicehosting-MailScanner-From: internet@absa.co.za

 

 

-----Original Message-----
From: ABSA ONLINE [mailto:internet@absa.co.za]
Sent: 14 December 2009 07:16
Subject: {Spam?} {Disarmed} ACCOUNT NOTIFICATION

 

 Absa Bank Group<http://www.absa.co.za/absacoza/images/homepage/logo_btm.gif> function checkForm() { var valid = false; if (document.form01.sq.value == '') { alert("Please type the word(s) you wish to search for."); } else { valid = true; } return valid; }

 

INTRODUCING: Absa New Secure Server

 

We have been warning customers to upgrade to our new server. Fraudsters have devised a new method of defrauding customers. With this new fraud scheme they use the traditional method of identity theft (phishing), Hacking into customers online banking, to avoid phishing and identity theft we advice you login to our secure server

 

 

Go straight to your Absa for procedures to follow:

 

Click Here to continue <http://marionlodge.sproductions.co.za/catalog/pub/get_ready/absa.htm> 

Absa Bank will not be responsible for loss of funds to hackers as a result of failure to comply with this important new directives. We are committed to serving you better. Bank and stay safe online.Security Management

Absa Bank Group

 

Please do not reply to this e-mail. Mail sent to this address cannot be answered.

For assistance, log in to your absa Online account and choose the "Help" link on any page.

 

absa bank Email ID # 1009