Tesseract 0 Posted June 4 https://www.spamcop.net/sc?id=z6637142364zdc54ead736a47ce567fa990ae31abf26z The actual originating IP seems to be 95.70.49.44, but hop 7 seems to be mis-parsed. It's an internal handoff with no IP address given, and the parser is pulling out part of "Oracle Communications Messaging Server 8.1.0.5.20200312" and treating it as the IP address 8.1.0.5. I'm not sure whether that Received header is RFC-compliant, but this seems problematic either way. Share this post Link to post Share on other sites
Tesseract 0 Posted August 14 It happened again today: https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz Share this post Link to post Share on other sites
petzl 0 Posted August 15 18 hours ago, Tesseract said: It happened again today: https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz 17.128.115.105 17.171.2.60 both are Apple addresses yours? Scan your device 85.143.166.232abuse actuall abuse address is abuse[AT]comfortel[DOT]pro The address it is sent to has been coded into SpamCop two years ago? Share this post Link to post Share on other sites
Snowbat 0 Posted October 27 (edited) On 6/4/2020 at 5:15 AM, Tesseract said: I'm not sure whether that Received header is RFC-compliant, but this seems problematic either way. Both Postfix and Sendmail insert text in parentheses at that point so I doubt that it's non-compliant. SpamCop's code to identify a valid IPv4 address is clearly flawed/incomplete though. Edited October 27 by Snowbat Share this post Link to post Share on other sites
petzl 0 Posted October 27 15 minutes ago, Snowbat said: Both Postfix and Sendmail insert text in parentheses at that point so I doubt that it's non-compliant. SpamCop's code to identify a valid IPv4 address is clearly flawed/incomplete though. https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz Seems working now? Share this post Link to post Share on other sites
gnarlymarley 0 Posted October 29 On 10/27/2020 at 2:31 PM, petzl said: https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz Seems working now? Doesn't appear to be fixed. I see line #7 has the problem still 7: Received: from process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com by rn-mailsvcp-relay-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.6.20200729 64bit (built Jul 29 2020)) id <0QF100500ALEFW00@rn-mailsvcp-relay-lapp04.rno.apple.com> for x (ORCPT x); Thu, 13 Aug 2020 20:24:51 -0700 (PDT) No unique hostname found for source: 8.1.0.6 mac.com received mail from sending system 8.1.0.6 Share this post Link to post Share on other sites
petzl 0 Posted November 6 On 10/29/2020 at 12:34 PM, gnarlymarley said: Doesn't appear to be fixed. I see line #7 has the problem still 7: Received: from process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com by rn-mailsvcp-relay-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.6.20200729 64bit (built Jul 29 2020)) id <0QF100500ALEFW00@rn-mailsvcp-relay-lapp04.rno.apple.com> for x (ORCPT x); Thu, 13 Aug 2020 20:24:51 -0700 (PDT) No unique hostname found for source: 8.1.0.6 mac.com received mail from sending system 8.1.0.6 ? process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- 11/06/20 10:59:48 AUS Eastern Summer Time --- reading URL process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- error: Host not found Share this post Link to post Share on other sites
gnarlymarley 0 Posted November 6 6 minutes ago, petzl said: ? process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- 11/06/20 10:59:48 AUS Eastern Summer Time --- reading URL process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- error: Host not found I wonder if it is considered an "internal IP". It is interesting that it picks up the 8.1.0.6 IP from what appears to be a software version number. Server 8.1.0.6.20200729 64bit Probably a regex border issue seeing the period as an end of sentence? Share this post Link to post Share on other sites
