Delivered to: and To: email fields

[rutekp]

Hello,

Some spammers send email using my server. In header of message I have
different address then this message is delivered for. Massage from spammer:
alkalibayport@mad.scientist.com is in header message adressed for
wjaworski@domain-sa.com.pl:, but it was delivered to:
najem@domain-sa.com.pl. Why is this happend? What patch for qmail should I use?


Header message:
Return-Path: <alkalibayport@mad.scientist.com>
Delivered-To: 143-najem@domain-sa.com.pl
Received: (qmail 17089 invoked from network); 3 Aug 2006 15:03:29 +0200
Received: from pool-151-197-185-210.phil.east.verizon.net (HELO
ROBOT.rc0t.com) (151.197.185.210)
by srv1.domain.pl with SMTP; 3 Aug 2006 15:03:29 +0200
Message-ID: <01270571849750.3C33806A70@QJZAPCKK>
From: "Zachariah" <backupdetail@bikerider.com>
To: <wjaworski@domain-sa.com.pl>
Subject: Enjoy secure ordering, lowest possible prices and almost instant
shipment. Be delighted with
Date: Thu, 3 Aug 2006 09:03:12 -0400
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Thread-Index: zVXxufFpIzexEoPKGe0radPPLGCGZ4haLdjX
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit


Logs from qmail:
Aug 3 15:03:30 srv1 qmail: 1154610210.048418 delivery 25672: success:
did_1+0
+2/did_0+0+1/
Aug 3 15:03:30 srv1 spamd[15560]: result: . 0 - FORGED_RCVD_HELO
scantime=0.
5,size=1543,mid=<01270571849750.3C33806A70@QJZAPCKK>,autolearn=ham
Aug 3 15:03:30 srv1 spamd[15560]: clean message (0.1/7.0) for
najem@domain-sa.
com.pl:110 in 0.5 seconds, 1543 bytes.
Aug 3 15:03:29 srv1 qmail: 1154610209.982397 status: local 1/10 remote 0/20
Aug 3 15:03:29 srv1 qmail: 1154610209.982362 delivery 25671: success:
did_1+0
+2/did_0+0+1/
Aug 3 15:03:29 srv1 spamd[16842]: result: . 0 - FORGED_RCVD_HELO
scantime=0.
4,size=1543,mid=<01270571849750.3C33806A70@QJZAPCKK>,autolearn=ham
Aug 3 15:03:29 srv1 spamd[16842]: clean message (0.1/7.0) for
wjaworski@domain
-sa.com.pl:110 in 0.4 seconds, 1543 bytes.
Aug 3 15:03:29 srv1 spamd[15560]: processing message
<01270571849750.3C33806A
70@QJZAPCKK> for najem@domain-sa.com.pl:110.
Aug 3 15:03:29 srv1 spamd[16842]: processing message
<01270571849750.3C33806A
70@QJZAPCKK> for wjaworski@domain-sa.com.pl:110.
Aug 3 15:03:29 srv1 spamd[15560]: Using default config for
najem@domain-sa.com
.pl: /var/qmail/mailnames/domain-sa.com.pl/najem/.spamassassin/user_prefs
Aug 3 15:03:29 srv1 spamd[15560]: got connection over /tmp/spamd_full.sock
Aug 3 15:03:29 srv1 spamd[16842]: Using default config for
wjaworski@domain-sa
.com.pl:
/var/qmail/mailnames/domain-sa.com.pl/wjaworski/.spamassassin/user_pre
fs
Aug 3 15:03:29 srv1 spamd[16842]: got connection over /tmp/spamd_full.sock
Aug 3 15:03:29 srv1 qmail: 1154610209.444360 status: local 2/10 remote 0/20
Aug 3 15:03:29 srv1 qmail: 1154610209.444353 starting delivery 25672: msg
627
19 to local 143-najem@domain-sa.com.pl
Aug 3 15:03:29 srv1 qmail: 1154610209.444342 status: local 1/10 remote 0/20
Aug 3 15:03:29 srv1 qmail: 1154610209.444323 starting delivery 25671: msg
627
19 to local 143-wjaworski@domain-sa.com.pl
Aug 3 15:03:29 srv1 qmail: 1154610209.400734 info msg 62719: bytes 1543
from
<alkalibayport@mad.scientist.com> qp 17089 uid 2020
Aug 3 15:03:29 srv1 qmail: 1154610209.400709 new msg 62719
Aug 3 15:03:29 srv1 qmail-queue: dwlib[17083]: scan: the
message(drweb.tmp.Er
rGKo) sent by alkalibayport@mad.scientist.com to rcpts should be passed
withou
t checks, because contains uncheckable addresses
Aug 3 15:03:29 srv1 qmail-queue: dwlib[17083]: mail: all addreses are
uncheck
able - need to skip scanning (by deny mode)