Wrong Planet

No source IP address found

6 posts in this topic

I've been getting a bunch of spam that cannot be processed. The messages I get are;

Mailhost configuration problem, identified internal IP as source

No source IP address found

Nothing to do.

I don't want to publicly post the email headers. I just need some advice on what to look for or perhaps what I can do about this.

Thanks.

Share this post


Link to post
Share on other sites

I usually see this when the spammer is using my local email provider.  Since spamcop is external to my email provider, I have to use the "report spam" button to get it sent to the postmaster to deal with.  Before the report spam buttons and back around when spamcop began, we used to forward those emails to abuse@[relatedISP].com.

Share this post


Link to post
Share on other sites

Just to confirm, you're saying that the spam is originating from the same place that is hosting my email account???

Share this post


Link to post
Share on other sites

I contacted the folks that are hosting my email. I could tell that the tech support guys was "outsourced" and he didn't seem to be interested in the issue but he at least let me email him a file with all the header info, I haven't seen any let up in the frequency of these "orphaned" emails nor have they contacted me back. In a about a 13 hour period overnight I received 28 spam emails and 11 of those I couldn't report because of no source IP.. All emails are essentially the same subject about some kind of brain boosting pill and all emails are formatted in plain text.

Without giving up any of my personal info here's a snippet of what I'm receiving;

Received: from localhost (localhost.localdomain [127.0.0.1])
    by mail.grupoitm.lan (Postfix) with ESMTP id 5C766FAB454;
    Mon, 14 Aug 2017 03:48:58 -0600 (CST)
Received: from mail.grupoitm.net ([127.0.0.1])
    by localhost (mail.grupoitm.lan [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 3xff6aC6fjRp; Mon, 14 Aug 2017 03:48:57 -0600 (CST)
Received: from [127.0.0.1] (unknown [84.238.197.88])
    by mail.grupoitm.lan (Postfix) with ESMTPSA id A7E26FAB458;
    Mon, 14 Aug 2017 03:44:12 -0600 (CST)
Received: from mail.grupoitm.net ([190.148.69.250]) by mx.perfora.net

############### My host's address and "To" info

Subject: Boost your intelligence thanks to these tablets
Date: Mon, 14 Aug 2017 05:44:14 -0400
Message-ID: <646B5A86.4477323@grupoitm.net>
MIME-Version: 1.0
Content-Type: text/plain;
    charset="UTF-8"
Content-Transfer-Encoding: 7bit

Share this post


Link to post
Share on other sites

Here's a status update. I got a note from the tech support folks where I host my email and it said...

Quote

Just an update regarding on the spam emails, if the spam messages has been lessened.

I'm not exactly sure what that means but the good news is I haven't had any orphaned (No source IP) emails in about 24 hours now. As a matter of fact the quantity and frequency of spam has suddenly decreased to almost nothing. So I guess we'll see how long things remain quiet until the spammers gear up again.

Share this post


Link to post
Share on other sites

They're back at it this morning. Getting a steady influx of the IP missing emails. Sent a tech support request to my provider to see if they can make anything out of it. The peace and quiet was nice while it lasted.

Oh yeah, the other brain booster spams had quieted down too but they're cranking back up also.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now