Jump to content
albert2

Reporting Issue's reason Fake Headers

Recommended Posts

Hello,

Since a while i have problems reporting spam while before i never had issue's. On my side nothing has changed so it's certainly not a mail host issue.

This are the exact errors spamcop gives me:

 

No unique hostname found for source: xxxxxxx

Possible forgery. Supposed receiving system not associated with any of your mailhosts

Will not trust this Received line.

Mailhost configuration problem, identified internal IP as source

Mailhost:
Please correct this situation - register every email address where you receive spam

No source IP address found, cannot proceed.

Nothing to do.

I first ignored the spams & did no efforts to report them but now every spam i received get bounced for this reason & spams send to me grow in numbers. So i needed to take action and looked for above errors on this forum. I found a solution and with it i can report again but doing this for every spam is a time consuming workaround, besides that there is each time the risk i forget to mungle out my own email address & face retributions from the spammer if he receives a copy of the report.

This is the solution:

Seem a number of variants copy from including this line down

ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of www.@vanilla.ocn.ne.jp designates 153.149.236.39 as permitted sender) 

Then copy and paste the above bit in notes' After SpamCop has parsed it.

 

I hope Spamcop could do an effort in including a process that automates this on their side so users can simply copy paste their mail source, in this case the mingling would also be automatically performed by spamcop as it was done before.

Thanks for looking into this & providing a permanent solution.

 

Albert

 

PS if you require samples please respond to me & i will provide a few

 

Share this post


Link to post
Share on other sites

presently gmail headers 2nd line needs deleting before submitting. Trouble is ISP's need FULL headers as evidence so past deleted line in comments

Delivered-To: x
Received: by 2002:a9d:21b7:0:0:0:0:0 with SMTP id s52-v6csp2028874otb; DELETE

Share this post


Link to post
Share on other sites

Thanks Petzl,

Seems you have pinpointed the problem to the second header line.

Do you or someone else knows what exactly is caused by this line & what this line tells ?

Again maybe Spamcop systems can be altered to remove or ignore this line automatically when present so users won't need to take care of it anymore for each mail.

If this line is specific to mailboxes from gmail, maybe spamcop could contact google and ask for a solution.

 

Albert

Share this post


Link to post
Share on other sites
1 hour ago, albert2 said:

Thanks Petzl,

Seems you have pinpointed the problem to the second header line.

Do you or someone else knows what exactly is caused by this line & what this line tells ?

Again maybe Spamcop systems can be altered to remove or ignore this line automatically when present so users won't need to take care of it anymore for each mail.

If this line is specific to mailboxes from gmail, maybe spamcop could contact google and ask for a solution.

 

Albert

The line tells that the message was received by the mail server at IPv6 address 2002:a9d:21b7:0:0:0:0:0 which is actually a 6to4 address translated from the IPv4 address 10.157.33.183.

In short, the mail server at google that received the message before displaying it to you in your gmail account has the IP address 10.157.33.183.

I received the following message from SpamCop:

<quote>
Gmail has broken their headers, not showing who received the mail and
using IP addresses that do not resolve.

Google has promised to fix the issue but have not provided an ETA of a
fix.  We looked at programming around it but that option was rejected by
our CERT board as it would have opened a security hole in our system.

We can just sit and wait for Gmail.
</quote>

 


 

Share this post


Link to post
Share on other sites

I really think this is annoying. I can't automate my spam reporting anymore because now i need to do everything manually now for each spam mail.

This process includes:

In my mail app:

Open each mail

In the menu select to view the source

Copy the source

In my browser:

Paste the source

Copy the line that breaks reporting

Delete the Line """""""""""

After Process spam

Paste above line in comments

 

This has to be done for every Mail, i think its best to create a work around the problem at Spamcops side until Google resolves this ( if they ever will)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×