FORUM D’ENTRAIDE INFORMATIQUE (FEI)
IT support and security site

Help with messaging services and social networks.
Forum rules: Help with the various messaging services and mail software, as well as social networks (settings, advice, problems, opinions...).
Please read and follow the forum's general charter.
#207698
Hello, I recently received a spam message on my website, so I looked into where it came from. To my surprise, the Message ID in the mail header contained my domain name. If I'm not mistaken, does that mean the message was sent or generated by my server? If so, do you think this is a security problem with my site (I should point out that it has not been launched yet, so it is hard to find)? Or a problem with the configuration of my mailbox?

I'm posting the mail header below, having anonymized the data beforehand (or so I hope):


Received: from outlook.com (XXXX)
    by outlook.com with HTTPS; Mon, 8 Nov 2021
    20:23:36 +0000
Received: from outlook.com
    (XXXX) by outlook.com
    (XXXX) with Microsoft SMTP Server (version=TLS1_2,
    cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id XXXX; Mon, 8 Nov
    2021 20:23:35 +0000
Received: from outlook.com
    (XXXX) by outlook.office365.com
    (XXXX) with Microsoft SMTP Server (version=TLS1_2,
    cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id XXXX via Frontend
    Transport; Mon, 8 Nov 2021 20:23:35 +0000
Authentication-Results: spf=pass (sender IP is XXXX)
    smtp.mailfrom=mondomaine.com; dkim=pass (signature was verified)
    header.d=senderdomain.com;dmarc=bestguesspass action=none
    header.from=mondomaine.com;compauth=pass reason=109
Received-SPF: Pass (protection.outlook.com: domain of mondomaine.com designates
    XXXX as permitted sender) receiver=protection.outlook.com;
    client-ip=XXXX; helo=mondomaine.com;
Received: from monhébergeur (XXXX) by
    .outlook.com (XXXX) with Microsoft
    SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
    XXXX via Frontend Transport; Mon, 8 Nov 2021 20:23:35 +0000
X-IncomingTopHeaderMarker:
    OriginalChecksum:A8B6C1FBBF5422D447B447AB645F5A965BBEBBC562312B95FAD24DF2D710FC9D;UpperCasedChecksum:186699F8DBAAB578019D321D4227C14824A1E47953C88E2391B01446926C2217;SizeAsReceived:4330;Count:31
Received: from mx1.ovh.net (unknown [XXXX])
    by monhébergeur (Postfix) with SMTP id 8503A20ADA
    for <monadressemail>; Mon, 8 Nov 2021 20:23:35 +0000 (UTC)
Received: from localhost (HELO queueout) (XXXX)
    by localhost with SMTP; 8 Nov 2021 22:23:35 +0200
Delivered-To: mondomaine.com @mondomaine.com
Received: from localhost (HELO queue) (XXXX)
    by localhost with SMTP; 8 Nov 2021 22:23:35 +0200
Received: from unknown (HELO monhébergeur) (XXXX)
    by monhébergeur with AES256-GCM-SHA384 encrypted SMTP; 8 Nov 2021 22:23:35 +0200
Received: from monhébergeur (unknown [XXXX])
    by monhébergeur (Postfix) with ESMTP id 4Hp2cl0NVQzKGP8k4
    for <@mondomaine.com>; Mon, 8 Nov 2021 20:23:35 +0000 (UTC)
Received: from monhébergeur (unknown [XXXX])
    by monhébergeur (Postfix) with ESMTP id 4Hp2ck5hjcz26WMb1
    for <@mondomaine.com>; Mon, 8 Nov 2021 20:23:34 +0000 (UTC)
Received-SPF: Softfail (mailfrom) identity=mailfrom; client-ip=XXXX; helo=senderdomain.com; envelope-from=@mondomaine.com; receiver=@mondomaine.com
Authentication-Results-Original: monhébergeur; dkim=pass (2048-bit key;
    unprotected) header.d=senderdomain.com header.i=@senderdomain.com header.b="E+1uYx/8";
    dkim-atps=neutral
Received: from senderdomain.com (senderdomain.com [XXXX])
    by monhébergeur (Postfix) with ESMTPS id 4Hp2ck4T96z1Mkmr0
    for <@mondomaine.com>; Mon, 8 Nov 2021 20:23:34 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=mail1; d=senderdomain.com;
    h=Content-Type:MIME-Version:Date:Subject:From:Reply-To:Message-ID:To;
    bh=ngwMFYZmWYFj/XnzL4ZbEeb/r77+UTnr5gNdmFTrAfQ=;
    b=E+1uYx/8gB3QBoWNXNeOYiM60lEG0Gt1s2Vc1MN/fdHl52clfq3bqBxlgM6wLcJTrNJSXxY5ly7j
    km95aVr1t57KcWWqQ98woVUaCSvcqkI7OTQmHJ4Z1WQHR/Klc+FtWUEm4wyJj2OabAT2W80GSqex
    WHsDh+utxs0Hgk53K6TAe/avpj49ahwlW3YVAzoAkqojPSSQIJEvRkl/GyKfMM6NztVieymY1nA+
    MiE/eFbymx7c1BBlSlIk4vr+hr9dpSsAKJ42WeQZuhwk9D1jVJ3ImjXcGLPy089kjVwoXbX7oOpb
    FDjZdtCPwxwKAUnC+Qse3dtszac0D8AbFU4uHA==
Content-Type: multipart/alternative; boundary="------------000006050208050402060604"
Date: Mon, 08 Nov 2021 21:23:35 +0100
Subject: =?utf-8?B?RGVtYW5kZSBkZSB2w6lyaWZpY2F0aW9uIGQnaWRlbnRpdMOpLg==?=
From: <@mondomaine.com>
Reply-To: <@mondomaine.com>
X-FBL: 1_98_1261_0_636F6E7461637440652D6265746865726D2E6672
Message-ID: <NDC3MJM5.MJI5NJUYNW.1261403110821232021351123320234@mondomaine.com>
To: "mondomaine.com mondomaine.com" <@mondomaine.com>
X-Remote: XXXX (senderdomain.com)
X-Tracer-Id: 9747478444177673163
X-VR-SPAMSTATE: OK
X-VR-SPAMSCORE: 0

X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedvuddruddvgddufeegucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecuhedttdenucenucfjughrpegtggffuffhrhfkvfesrgdtregrtddtjeenucfhrhhomheptdhvhhgtlhhouhguuceotghonhhtrggtthesvgdqsggvthhhvghrmhdrfhhrqeenucggtffrrghtthgvrhhnpeeifeejtdekteefleetleffgeeguddtkeduuddvgefhveehfeefgfevhfetgfehffenucfkphepledurddufeegrdduledtrdduhedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmohguvgepshhmthhppdhhvghlohepihhniedtrdhmrghilhdrohhvhhdrnhgvthdpihhnvghtpeeluddrudefgedrudeltddrudehvddpmhgrihhlfhhrohhmpegtohhnthgrtghtsegvqdgsvghthhgvrhhmrdhfrhdprhgtphhtthhopegtohhnthgrtghtsegvqdgsvghthhgvrhhmrdhfrh

X-Spam-Status: OK
X-Spam-Reason: vr: OK; dkim: disabled; spf: disabled
X-Message-Type: OK
X-VR-SPAMSTATE: OK
X-VR-SPAMSCORE: 0

X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedvuddruddvgddufeegucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecuhedttdenucenucfjughrpegtggffuffhrhfkvfesrgdtregrtddtjeenucfhrhhomheptdhvhhgtlhhouhguuceotghonhhtrggtthesvgdqsggvthhhvghrmhdrfhhrqeenucggtffrrghtthgvrhhnpeeifeejtdekteefleetleffgeeguddtkeduuddvgefhveehfeefgfevhfetgfehffenucfkphepledurddufeegrdduledtrdduhedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmohguvgepshhmthhpohhuthdphhgvlhhopehmgidurdhovhhhrdhnvghtpdhinhgvthepledurddufeegrdduledtrdduhedvpdhmrghilhhfrhhomheptghonhhtrggtthesvgdqsggvthhhvghrmhdrfhhrpdhrtghpthhtohepmhgrthhhihhsrdgrrhhnrghrsehouhhtlhhoohhkrdhfrhdpmhhouggvpehsmhhtphdphhgvlhhopehinheitddrmhgrihhlrdhovhhhrdhnvghtpdhrtghpthhtoheptghonhhtrggtthesvgdqsggvthhhvghrmhdrfhhr

X-IncomingHeaderCount: 31
Return-Path: @mondomaine.com
X-MS-Exchange-Organization-ExpirationStartTime: 08 Nov 2021 20:23:35.6990
    (UTC)
X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
X-MS-Exchange-Organization-Network-Message-Id:
    6d642815-bf1d-4e9e-6962-08d9a2f5a44f
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
X-MS-PublicTrafficType: Email
X-MS-Exchange-Organization-AuthSource:
    .outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-UserLastLogonTime: 11/8/2021 8:15:10 PM
X-MS-TrafficTypeDiagnostic: DB8PR09MB3657:
X-MS-Exchange-EOPDirect: true
X-Sender-IP: XXXX
X-SID-PRA: @mondomaine.com
X-SID-Result: PASS
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-SCL: 6
X-Microsoft-Antispam: BCL:0;
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2021 20:23:35.6860
    (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 6d642815-bf1d-4e9e-6962-08d9a2f5a44f
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-AuthSource: .outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:
    00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR09MB3657
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.0579276
X-MS-Exchange-Processed-By-BccFoldering: 15.20.4669.016
X-Microsoft-Antispam-Mailbox-Delivery:
    abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ucf:0;jmr:0;ex:0;auth:1;dest:J;OFR:SpamFilterAuthJ;ENG:(5062000284)(90000117)(90005022)(91005020)(91035115)(5061607266)(5061608174)(9050020)(9100337)(4900116)(2008001134)(2008000189)(2008120379)(2008019284)(2008021020)(2021050021)(8390246)(8377080)(8386120)(8403086)(210498285)(210499095)(210410095)(4910005)(9610002)(9540004)(9320001)(9250002)(4920091)(6350099)(4960004)(4950132)(4990091)(9140004);RF:JunkEmail;
X-Message-Info:
    qoGN4b5S4yrM8FHGBE7lvTctAkGqo5AWWM7QiYy9byusOeFfntlT6RCeFio2tA+XkTaCnWmnPfmxUC59JffXyhWMItXwfBosnbTGvM1m9P8Ue2UiHjfmZZpxTUOekRV8Lgs0W3ACkUmtR1JvuG1oFpBoO0ZXrToTKgZMqTif/HGaGDVZH1hdVXTPRt7pGDaUhHJ8JDdRfOuzwrjRkmeUEA==
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0xO1NDTD02


MIME-Version: 1.0
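
The check the post asks about, as an added example that is not part of the original post: the Message-ID and From values are written by whoever composes the message, so the sketch below compares them with what the first receiving server recorded (oldest `Received` hop, `Received-SPF`, DKIM `d=`). The header sample is constructed on the layout of the one above; the `.example` hosts, the 192.0.2.x addresses and the names `unfold` and `analyse` are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the header in the post; the .example hosts and
# 192.0.2.x addresses are placeholders, not values from the page.
SAMPLE = """\
Received: from hosting.example (unknown [192.0.2.20])
\tby outlook.example with Microsoft SMTP Server; Mon, 8 Nov 2021 20:23:35 +0000
Received-SPF: Softfail (mailfrom) identity=mailfrom; client-ip=192.0.2.10;
\thelo=senderdomain.example; envelope-from=contact@mondomaine.example
Authentication-Results-Original: hosting.example; dkim=pass
\theader.d=senderdomain.example header.i=@senderdomain.example
Received: from senderdomain.example (senderdomain.example [192.0.2.10])
\tby hosting.example (Postfix) with ESMTPS id PLACEHOLDER
\tfor <contact@mondomaine.example>; Mon, 8 Nov 2021 20:23:34 +0000 (UTC)
From: <contact@mondomaine.example>
Message-ID: <CONSTRUCTED.1234@mondomaine.example>
To: <contact@mondomaine.example>

"""

def unfold(value):
    """Collapse a folded header value onto one line."""
    return " ".join((value or "").split())

def analyse(raw):
    msg = message_from_string(raw)
    # Each relay prepends its own Received line, so the last one is the oldest hop.
    oldest = unfold(msg.get_all("Received", [""])[-1])
    hop = re.match(r"from (\S+) \(\S+ \[([^\]]+)\]\) by (\S+)", oldest)
    dkim = re.search(r"dkim=(\w+).*?header\.d=(\S+)",
                     unfold(msg.get("Authentication-Results-Original")))
    spf_raw = unfold(msg.get("Received-SPF"))
    env = re.search(r"envelope-from=[^\s;]*@([^\s;]+)", spf_raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    spf_ok = spf_raw.lower().startswith("pass") and bool(env) \
        and env.group(1).lower() == from_domain
    dkim_ok = bool(dkim) and dkim.group(1) == "pass" \
        and dkim.group(2).lower() == from_domain
    return {
        # Sender-written fields: they show what was claimed, not where mail came from.
        "message_id_domain": unfold(msg.get("Message-ID")).strip("<>").rpartition("@")[2],
        "from_domain": from_domain,
        "first_hop": hop.groups() if hop else None,  # (HELO name, client IP, receiver)
        "dkim": dkim.groups() if dkim else None,     # (result, signing domain d=)
        "spf": spf_raw.split(" ")[0].lower(),
        # DMARC-style test: aligned SPF pass or aligned DKIM pass for the From domain.
        "claimed_domain_authenticated": spf_ok or dkim_ok,
    }

if __name__ == "__main__":
    for key, value in analyse(SAMPLE).items():
        print(f"{key}: {value}")
```

On the constructed sample the Message-ID and From domains agree with each other, while the oldest hop, the SPF softfail and the DKIM signing domain all point to a different host.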