Ashocka Posted February 21, 2007 Author Share Posted February 21, 2007 Wazoo Your help is appreciated, but the manner in which you deliver it is not. I would therefore request you do not bother addressing any of my posts in future, please let others do that. If they don't wish to, fine. Here's the complete header again (munged) From - Wed Feb 14 08:13:16 2007 X-Account-Key: account2 X-UIDL: 207b0cd81924ef82292e121567d51efc X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-path: <cognitiv(at)host.spamungaccessiblehosting.com> Envelope-to: hostacce(at)spamungaccessiblehosting.com Delivery-date: Wed, 14 Feb 2007 08:03:37 +1100 Received: from cognitiv by host.spamungaccessiblehosting.com with local (Exim 4.63) (envelope-from <cognitiv(at)host.spamungaccessiblehosting.com>) id 1HH4oh-00011u-Qt for hostacce(at)spamungaccessiblehosting.com; Wed, 14 Feb 2007 08:03:37 +1100 To: hostacce(at)spamungaccessiblehosting.com Subject: WordPress installation on http://cognitivity.org From: fantastico(at)spamungcognitivity.org X-Sender: <fantastico(at)spamungcognitivity.org> X-Mailer: PHP X-Priority: 1 Message-Id: <E1HH4oh-00011u-Qt(at)host.spamungaccessiblehosting.com> Date: Wed, 14 Feb 2007 08:03:37 +1100 X-Antivirus: AVG for E-mail 7.5.441 [268.17.37/682] Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 I hope this is more helpful. Geoff Link to comment Share on other sites More sharing options...
Wazoo Posted February 21, 2007 Share Posted February 21, 2007 Your help is appreciated, but the manner in which you deliver it is not. I would therefore request you do not bother addressing any of my posts in future, Whatever ... you ask a question, sometimes answer just appear .. that's the way it works around here ... Here's the complete header again (munged) From - Wed Feb 14 08:13:16 2007 snipped I hope this is more helpful. The first glance once again left one with the immediate response that there's nothing in there that deals with a SpamCop.net e-mail account .... So we ignore that small issue, look at what you did provide ... A major second to Stevenunderwood's remarks about the line I didn't snip .... The "From" is not a valid "From: " line, it's certainly not a valid "X-Line: " ... and the fact that the data that follows is a time-stamp ... well, that's a problem ... On the other hand, the last time this specific factoid was brought up, it was in fact a Reporting issue, as the parser failed on that bad line. The 'source' of the bad line boiled down to an issue with Thunderbird, as I recall .... then again, guess maybe that Topic/Discussion is gong to have to be located, as now I have this strange thought about FireFox and a web-mail application .... search later, perhaps .. time involved ....??? The 'problem' with this is that it boiled down to how an e-mail was snagged, then handled ... whereas your initial query allegedly dealt with an e-mail server sending another server's e-mail directly, thus Thunderbird/FireFox wouldn't be in the mix .... so I'm still back to the 'lack of data' issue, actually .... having the added confusion of a non-related sample offered up as 'evidence' ...???? Yet, on the other hand, can't help but note that this data/construct is not present in your first offered sample, that was (assumedly) supposed to be an actual SpamCop.net e-mail server hand-off .... so we're back to the issue of just what you are trying to present as an example of a specific prooblem ... samples of 'something else' help no one ... Link to comment Share on other sites More sharing options...
Ashocka Posted February 21, 2007 Author Share Posted February 21, 2007 Whatever ... you ask a question, sometimes answer just appear .. that's the way it works around here ... Well I have asked you not to bother replying to me because I don't find your manner helpful at all. So please understand, your responses and tone are not welcome, if others don't want to help, that's fine also, but I'd prefer not to deal with Wazoo. Everyone else I find help in an acceptable manner and appreciate their help. Please respect this Wazoo. The first glance once again left one with the immediate response that there's nothing in there that deals with a SpamCop.net e-mail account .... I'm sorry I did not make this clear enough to everyone, I thought I had. SC rejects this email completely, so it is discarded by the system. The only way I could get an email with an example header was to send one from Fantastico to an email address that would bypass SC. So naturally there is nothing in this email header that deals with SC as it has not gone through the SC system. Because if this email is sent to SC it rejects it and never gets to me. The question remains, why does SC reject this email? I'm willing to coordinate with JT (or anyone (but Wazoo)) to send an email to my SC account so that he can monitor the logs to see what is happening. On the other hand, the last time this specific factoid was brought up, it was in fact a Reporting issue, as the parser failed on that bad line. The 'source' of the bad line boiled down to an issue with Thunderbird, as I recall .... then again, guess maybe that Topic/Discussion is gong to have to be located, as now I have this strange thought about FireFox and a web-mail application .... search later, perhaps .. time involved ....??? The 'problem' with this is that it boiled down to how an e-mail was snagged, then handled ... whereas your initial query allegedly dealt with an e-mail server sending another server's e-mail directly, thus Thunderbird/FireFox wouldn't be in the mix .... so I'm still back to the 'lack of data' issue, actually .... having the added confusion of a non-related sample offered up as 'evidence' ...???? This mail is not being generated by Thunderbird. It is being generated by Fantastico. What has Thunderbird got to do with this (excuss my ignorance). Yet, on the other hand, can't help but note that this data/construct is not present in your first offered sample, that was (assumedly) supposed to be an actual SpamCop.net e-mail server hand-off .... so we're back to the issue of just what you are trying to present as an example of a specific prooblem ... samples of 'something else' help no one ... I'm soooo sorry that this wasn't clear enough. I'll go through it again; When Fantastico installs a package on my server it offers to send an email of all the configuration details of the install to a given email address. If I enter any email address that is forwarded to SC, SC rejects this email, Exim logs; 2007-02-11 11:14:28 1HG2Mk-0006M9-Nq ashocka[at]spamcop.net R=lookuphost T=remot e_smtp H=mx.spamcop.net [216.154.195.36] 2007-02-11 11:14:29 1HG2Mk-0006M9-Nq Completed 2007-02-11 11:14:29 1HG2Ml-0006MI-QP H=(c60.cesmail.net.invalid) [216.154.195.49] F= rejected after DATA: there is no valid sender in any header line 2007-02-11 11:14:30 1HG2Mm-0006MN-7e cognitiv R=localuser T=local_delivery 2007-02-11 11:14:30 1HG2Mm-0006MN-7e Completed So I understand Exim is telling me that this email has been rejected by the server at c60.cesmail.net.invalid because there is no valid sender in any header line. So I am asking if anyone (except Wazoo) can tell me why it is analysing these headers and coming to that conclusion. There must be some parsing logic or something on the server side at this server at SC that causes it to take this action, because this is the only mail I know of directed to me that is rejected. Is there a syntax or failed compliance to specification in the header? Thanks in advance. Geoff Link to comment Share on other sites More sharing options...
Wazoo Posted February 21, 2007 Share Posted February 21, 2007 Ignore the wazoo part of the response .. try reading the damn data .. noting Wazoo is the only one around at present. One 'sample' you've provided twice has the same bad header line on both instances .... and again, for whatever reason, that bad header line was not in your first "exact" copy of an alleged e-mail traversing the path you say can't be travelled. So please explain how your two examples of the non-connected items do not match your first 'connected' sample .. the obvious answer would be the overdone munging, but ....???? Yet again, if he 'actual' e-mail in the first instance was made available, all this dancing could come to close and some analysis on the actual issue could start. You want to coordinate with JT .. no problem, that option has always been available .... Contact data is found in several places .... my favorite pointer goes to your described useless Wiki .... Where to get Help Link to comment Share on other sites More sharing options...
Wazoo Posted February 21, 2007 Share Posted February 21, 2007 I still have not found the post/Topic I was thinking of, but .... ran across other samples ..... even stranger yet, one of these was in the huge Cox and the missing colon discussion .. but this line didn't seem to come up ... odd .... anyway, a couple of links found thus far .... http://forum.spamcop.net/forums/index.php?...ost&p=53184 contains: From - Thu Jan 11 08:00:19 2007 X-Account-Key: account2 http://forum.spamcop.net/forums/index.php?...ost&p=46435 contains: From: - Sun Aug 20 09:55:58 2006 X-UIDL: <02d401c6c3df$317c0c00$0200a8c0[at]haguey> Notice that even these samples differ a bit ... From: in one, the other only From ....???? Link to comment Share on other sites More sharing options...
Ashocka Posted February 21, 2007 Author Share Posted February 21, 2007 Wazoo I have kindly asked you not to reply or provide any further feedback to my post. Can't you be gracious enough to accommodate such a request. Please do not respond to my post anymore. ...... Geoff Link to comment Share on other sites More sharing options...
Wazoo Posted February 21, 2007 Share Posted February 21, 2007 ns2.accessiblehosting.com reports the following MX records: Preference Host Name IP Address TTL 0 cognitivity.org 205.234.106.236 14400 http://www.senderbase.org/search?searchBy=...205.234.106.236 Sender Category unknown Network Owner unknown Domain unknown Date of first message seen from this address CIDR range unknown # of domains controlled by this network owner 0 Volume Statistics for this IP Magnitude Vol Change vs. Average Last day 0.0 -100% Last 30 days 0.0 -100% Average 0.0 Information from whois [ Click to hide details ] Network Owner: unknown Registered on: unknown Updated on: unknown Expires on: unknown Netblock(s): unknown unknown A definite strike-out .... 02/21/07 03:17:29 Slow traceroute cognitivity.org Trace cognitivity.org (205.234.106.236) ... 02/21/07 03:17:58 IP block 205.234.106.236 Trying 205.234.106.236 at ARIN Trying 205.234.106 at ARIN OrgName: Defender Technologies Group, LLC OrgID: DTGL Address: 44470 Chilum Place, Building 1 Address: Suite 1197 City: Ashburn StateProv: VA PostalCode: 20147 Country: US ReferralServer: rwhois://rwhois.defenderhosting.com:4321/ NetRange: 205.234.96.0 - 205.234.111.255 CIDR: 205.234.96.0/20 NetName: DEFENDER-1 NetHandle: NET-205-234-96-0-1 Parent: NET-205-0-0-0-0 NetType: Direct Allocation NameServer: NS1.DEFTECHGROUP.COM NameServer: NS2.DEFTECHGROUP.COM Comment: RegDate: 2005-07-15 Updated: 2005-07-15 OrgAbuseHandle: DTGAD-ARIN OrgAbuseName: DTG Admin OrgAbusePhone: +1-703-621-3565 OrgAbuseEmail: abuse[at]defenderhosting.com whois -h whois.enom.com defenderhosting.com ... Domain name: defenderhosting.com Registrant Contact: Defender Hosting Group, LLC NA NA (NA) NA Fax: PO Box 220838 Chantilly, VA 20153 US Administrative Contact: NA Thomas Kiblin (admin[at]defenderhosting.com) (703) 728-9172 Fax: Defender Hosting Group, LLC PO Box 220838 Chantilly, VA 20153 US Technical Contact: NA Thomas Kiblin (admin[at]defenderhosting.com) (703) 728-9172 Fax: Defender Hosting Group, LLC PO Box 220838 Chantilly, VA 20153 US Status: Locked Name Servers: NS1.DEFTECHGROUP.COM NS2.DEFTECHGROUP.COM ????? http://www.senderbase.org/search?searchStr...cognitivity.org Other information about unknown domain Sender Category unknown category Date of first message seen from this domain Volume Statistics for this Domain Magnitude Vol Change vs. 30 Day Last day 0.0 0% Last 30 days 0.0 Registrant City:Moyhu Registrant State/Province:VI Registrant Postal Code:3732 Registrant Country:AU Name Server:NS1.ACCESSIBLEHOSTING.COM Name Server:NS2.ACCESSIBLEHOSTING.COM other personal data left off .. but the issue thus far does seem to go to zero e-mail seen from this place/server/domain/whatever ... so hard to go with it being on a blockklist anywhere ... yet, is this anywhere close to the problem server? there is a server there .... telnet 205.234.106.236 25 220 AVG ESMTP Proxy Server 7.5.434/7.5.441 [268.18.3/694] amd while scratching around, the lack of a FQDN hit me, though not sure if there's an issue, as thus far, the only thing seen is a bit of internal handoff ... but I'll point it out, ask the question .... second sample: Received: from cognitiv by ..... third sample: Received: from cognitiv by host.spamungaccessiblehosting.com with local (Exim 4.63) (envelope-from <cognitiv(at)host.spamungaccessiblehosting.com>) that "from cognitiv " seems lacking a bit of detail ..... Link to comment Share on other sites More sharing options...
Wazoo Posted February 21, 2007 Share Posted February 21, 2007 This scratching around in the dark is absurd .... what is needed .. an actual e-mail with header data intact. Somehow force your server to send an e-mail to your SpamCop.net account with a CC: to the other account .... then provide a copy of the received CC: such that the actual / exact / real data can be used to try to track things down .... Link to comment Share on other sites More sharing options...
Ashocka Posted February 21, 2007 Author Share Posted February 21, 2007 You can not get ANY definitive answers in this forum as we are all simply other users here as has been pointed out, including at the top of every page. You need to co-ordiate a test with your sending server and JT, the administrator of the spamcop email server to see what both sides are seeing. Okay, thanks Steve Also, I don't believe you have provided enough evidence for anyone to make a solid gues as to what is happening. You have provided 2 completely different sets of headers and a very limited set of server logs. Okay, I can try another one and I'll get the headers without downloading it, I'll just get it raw off the server. Would that help? IF the second set of headers is what is causing the error message in the server logs from the first post, my best guess is the line: "From - Wed Feb 14 08:13:16 2007" causing the problem. Can you tell me what is the problem there? Is the format not compliant to the specification? Thanks. ............... Geoff Link to comment Share on other sites More sharing options...
Ashocka Posted February 21, 2007 Author Share Posted February 21, 2007 Wazoo: Do you understand plain English... I don't want your input AT ALL. Can't you understand I don't want you posting. If no one else is going to help me fine... but I find your manner most unhelpful... you seem to be deliberatly antagonistic... there's not other rational, either that or you do not understand a simple request. Please butt out. Here's a fresh email Return-path: <cognitiv(atmung)mungme-host.mungme-accessiblehosting.com> Envelope-to: hostacce(atmung)mungme-accessiblehosting.com Delivery-date: Wed, 21 Feb 2007 21:14:16 +1100 Received: from cognitiv by host.mungme-accessiblehosting.com with local (Exim 4.63) (envelope-from <cognitiv(atmung)mungme-host.accessiblehosting.com>) id 1HJoUg-0005Jt-BC for hostacce(atmung)mungme-accessiblehosting.com; Wed, 21 Feb 2007 21:14:16 +1100 To: hostacce(atmung)mungme-accessiblehosting.com Subject: WordPress installation on http://mungme-cognitivity.org From: fantastico(atmung)mungme-cognitivity.org X-Sender: <fantastico(atmung)mungme-cognitivity.org> X-Mailer: PHP X-Priority: 1 Content-Type: text/plain; charset=us-ascii Content-Type: text/plain; charset=iso-8859-1 Message-Id: <E1HJoUg-0005Jt-BC(atmung)mungme-host.mungme-accessiblehosting.com> Date: Wed, 21 Feb 2007 21:14:16 +1100 Link to comment Share on other sites More sharing options...
Wazoo Posted February 21, 2007 Share Posted February 21, 2007 Tell you what .. problem solved. Take it up with JT. As 'help' is not desired, off to the Lounge with this ..... Link to comment Share on other sites More sharing options...
StevenUnderwood Posted February 21, 2007 Share Posted February 21, 2007 Wazoo: Do you understand plain English... I don't want your input AT ALL. Can't you understand I don't want you posting. If no one else is going to help me fine... but I find your manner most unhelpful... you seem to be deliberatly antagonistic... there's not other rational, either that or you do not understand a simple request. Please butt out. Here's a fresh email You either want help, or you don't. You don't get to choose who decides to help you. This is a public forum and anyone in the world can post an answer here. Wazoo has gone beyond what most people can deduce from your information. I also suggest you figure out how to get full headers. This newest sample still has no IP information in the only received line showing. There is absolutely NO WAY this message traveled anywhere over the internet if those are the only headers. It must have stayed inside cognitivity.org. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.