semmelbroesel Posted June 28, 2006 Share Posted June 28, 2006 Hi, I have received some spam that contains quite a few RECEIVED entries, and I found that the spamcop parser did not go deep enough to find the one line that actually shows the spammer. Example report I would like to point out the line Received: from KNABI (acrz159.neoplus.adsl.tpnet.pl [83.11.27.159]) that doesn't appear to be parsed. Is there a reason this is happening? Am I doing something wrong? Should I edit the header and remove the RECEIVED lines that belong to my provider? (I don't think I should because the whole header gets sent in the report, but otherwise how can I get the actual spammer reported?) Thanks for any advice you can give me - this spammer has been very persistent and seems to be increasing output :-( Link to comment Share on other sites More sharing options...
turetzsr Posted June 28, 2006 Share Posted June 28, 2006 I have received some spam that contains quite a few RECEIVED entries, and I found that the spamcop parser did not go deep enough to find the one line that actually shows the spammer. Example report ...Have you configured MailHosts? It appears that the parser is trying to report the server (216.245.171.32 = mail.agiliti.com) from which the last server (EXCHANGE1.agiliti.net, presumably, the one that ultimately receives and stores your e-mail) receives the e-mail but that's just another server in your e-mail provider's network. MailHosts was designed to help avoid this situation. Should I edit the header and remove the RECEIVED lines that belong to my provider? (I don't think I should because the whole header gets sent in the report, but otherwise how can I get the actual spammer reported?) ...Yes, you can do that, but if you do, cancel the reports that SpamCop offers to send. This is because editing the headers is a violation of SpamCop's Rules against material changes to spam. Link to comment Share on other sites More sharing options...
Wazoo Posted June 28, 2006 Share Posted June 28, 2006 I have received some spam that contains quite a few RECEIVED entries, and I found that the spamcop parser did not go deep enough to find the one line that actually shows the spammer. I'd suggest turning on "Show Full Technical Details" in your Preferences, send a copy of the original headers and the SpamCop Parser output and ask your ISP to explain the odd handoffs showing in that chain of events/handling. Running your reporting account through the MailHost Configuration process "might" help, but .... there are some items there that I sure can't come up with an explanation for .... Link to comment Share on other sites More sharing options...
semmelbroesel Posted June 29, 2006 Author Share Posted June 29, 2006 Running your reporting account through the MailHost Configuration process "might" help, but .... there are some items there that I sure can't come up with an explanation for .... agiliti and g2host seem to be part of our provider, digitalnorth. I have not looked into mailhosts yet, but I am checking it out right now and will see what it does. If I understand it correctly it will filter out servers that belong to my provider from being detected as possible spam source. Just tried it, but the two servers mailhosts detected are names that don't even show in the email headers, so I gotta figure out if I can add the others, too. Am waiting for the test email now. Thanks for your advice! Link to comment Share on other sites More sharing options...
semmelbroesel Posted June 29, 2006 Author Share Posted June 29, 2006 Dang, it's been over 7 hours, and the mailhosts test emails haven't come... :-( Link to comment Share on other sites More sharing options...
turetzsr Posted June 29, 2006 Share Posted June 29, 2006 Dang, it's been over 7 hours, and the mailhosts test emails haven't come... :-(Hi, semmelbroesel, ...Please see StevenUnderwood's final reply in thread "Not receiving Mailhost email". Link to comment Share on other sites More sharing options...
semmelbroesel Posted June 30, 2006 Author Share Posted June 30, 2006 ...Please see StevenUnderwood's final reply in thread "Not receiving Mailhost email". We have a spam filter, but I disabled it, and I also haven't received a spam filter alert. I sent an email to the deputies. Thanks! Link to comment Share on other sites More sharing options...
turetzsr Posted June 30, 2006 Share Posted June 30, 2006 We have a spam filter, but I disabled it, and I also haven't received a spam filter alert. I sent an email to the deputies. Thanks! ...Thanks for letting us know. If you are able, please let us know how this was resolved. Link to comment Share on other sites More sharing options...
Jank1887 Posted July 6, 2006 Share Posted July 6, 2006 btw, is this thread in the right forum? (reporting help or mailhosts maybe?) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.