Brian Kendig

Aha. I think I've figured it out. A few days ago, on the Mailhosts tab, I had set up the entry for my server by having Spamcop send me an email and then I copy/pasted it with full headers back into Spamcop's form. This created the Mailhosts entry - but the "Hosts/Domains" pulldown menu for it was empty. This was before I had put the FQDN into the email headers, so my server was only identifying itself with its local name, "www". I think this confused Spamcop. Yesterday I fixed my mail server to put its FQDN into its email headers. And just now I deleted that Mailhosts entry and created it again the same way - only, now the "Hosts/Domains" pulldown menu lists "www.enchanter.net" and "enchanter.net". I resubmitted this morning's spam, and Spamcop was able to handle it with no problem. Thank you both for your help! tl;dr: If the mail server doesn't put its FQDN into its Received header, then Spamcop's Mailhosts setup won't be able to read the domain name, and Spamcop will reject spam reports for that server with the "identified internal IP as source" error.

"by www.enchanter.net with esmtps" still gives me the "Mailhost configuration problem, identified internal IP as source" / "No source IP address found, cannot proceed" error. "by 216.53.249.115 (www.enchanter.net) withy esmtps" also gives me the same error. "by 216.53.249.115 with esmtps" also isn't working for me on another message, now. Same error. I'm perplexed - I no longer seem to be able to report any spam for my mail server. Not a critical issue, of course, but I wonder what's going on. I don't see other servers needing to put their IP address into their Received header.

No success yet. I submitted spam with this header, which includes my FQDN and IP address: Received: from net-mkting.com ([106.75.87.56]) by www.enchanter.net (216.53.249.115) with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <sales@net-mkting.com>) id 1kCAPa-0001f8-Pi for brian@enchanter.net; Sat, 29 Aug 2020 19:37:31 -0400 but SpamCopy still says "Mailhost configuration problem, identified internal IP as source". (https://www.spamcop.net/sc?id=z6647849203zdc6a9633e3bd43a0c4fc48a74c4b0f42z) I just don't understand what it thinks is an "internal IP" that's being used as a "source." Edit: aha, when I remove my FQDN and just say "by 216.53.249.115", then SpamCop accepts it, interesting...

Aha, you're saying that your example spam message has "Received: by" with a numeric IP address, while my spam headers have "Received: by www" with no IP. I'll look into how to get Exim to put my external IP address there and have it show 'enchanter.net' instead of 'www'. (It's probably a matter of editing Exim's received_header_text setting, though I'm surprised the IP address isn't appearing by default.) Thank you! As for reverse DNS, I don't know if I can do anything about that because I'm using FreeDNS to resolve my hostname, but IP to hostname conversion is being handled by my ISP. I'll need to ask them if they'll fix it on their end, but they might not want to be bothered. Thank you for your help!

petzl - I appreciate your help but I don't understand what that means. Yes, my spam is from a Chinese botnet IP, but what do you mean by "Not stamping received IP only"? Is that a problem on my end? As for my email server test - looks like it checks out okay except for reverse DNS on my server. That's because my ISP's DNS apparently takes precedence over the nameserver I chose for my domain. I don't think that can be fixed, but it's not a factor here, is it? Your example shows SpamCop handling your spam correctly, but I still don't understand what "identified internal IP as source" means for mine.

Tracking URL for the most recent one of these: https://www.spamcop.net/sc?id=z6647673526z717f1b3f9f3bda2be59f7a5a44fe732ez Nope, not Chinese; I and my site are in the US. I just don't see how SpamCop thinks that's an internal IP. My SpamCop Mailhosts config shows "Relaying IPsv4" as my external IP address, 216.53.249.115.

I've got a personal email server (named enchanter.net) that I recently migrated to Exim. I used SpamCop's Mailhosts tab to send me a test email and then I gave it back to SpamCop so that it knows about my mailhost; but still, there are two messages in my Junk mail folder that tell me "Mailhost configuration problem, identified internal IP as source" when I try to submit them to SmapCop. Here are the headers from one of them (the other one is similar, and I edited out the long signatures): Return-path: <info@themailertools.com> Envelope-to: brian@enchanter.net Delivery-date: Wed, 26 Aug 2020 19:15:42 -0400 Received: from themailertools.com ([106.75.103.146]) by www with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <info@themailertools.com>) id 1kB4dp-000XhP-Ex for brian@enchanter.net; Wed, 26 Aug 2020 19:15:42 -0400 DKIM-Signature: ... DomainKey-Signature: ... Reply-To: <908618401@qq.com> Message-ID: <20200827071535733026@themailertools.com> From: "unlimited smtp seller" <info@themailertools.com> To: <brian@enchanter.net> Subject: Re:quality SMTP for bulk mailing/fresh office 365 emails Date: Thu, 27 Aug 2020 07:15:30 +0800 MIME-Version: 1.0 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 X-mailer: Jxxflinct 0 What does "identified internal IP as source" mean here? The only IP in the headers is 106.75.103.146, and that's in China. I admit it's entirely possible that I set up my Exim server incorrectly, but what did I do wrong?