gabrielt
-
Posts
9 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by gabrielt
-
-
-
I found the culprit! Many thanks for your help!
It was a bug with our qmail installation!
The header in our received emails were malformed.
They had a line like this:
Received: from unknown (HELO somedomain.com) (a.b.c.d) by 0 with SMTP; 5 Jul 2019 19:08:08 -0300Instead of:
Received: from unknown (HELO somedomain.com) (a.b.c.d) by mail.ourdomain.com with SMTP; 5 Jul 2019 19:08:08 -0300Note how the variable for our FQDN was empty, so no wonder SpamCop was complaining that could found our mailhost in the headers. So the error message was absolutely correct!
And also, I finally understood what you guys meant by "path": it is simply the sequence of "Received:" headers inside the email.
Once again, thank you so much your time. MIG's answer turned on a light bulb in my head that the email header might be malformed and...bingo!
I hope this topic helps other SpamCop users in the future.
Cheers,
Gabriel.
-
@MIG I think your pointers were great. Probably the changes I did added new X-spam headers with software version numbers that might be throwing SpamCop's parser off (i.e., interpreting software version numbers as IP addresses). I will try to disable all X-spam headers and try again. Will keep you guys posted. Many thanks for all your help! You guys are great!
-
Hi @Lking
I got lost on your explanation. I don't quite get what you (and the documentation) mean by "path taken". The spams are reported from within each user's mailbox. All of them use the same domain name (@ourdomain.com in this example). The email spamcop[at]ourdomain.com is used only to send the reports to SpamCop via SpamAssassin (spamcop_from_address spamcop[at]ourdomain.com), and that is the email SpamCop sends those confirmation emails:
At our Mailhosts configuration, that is the email configured to receive the reports:
Mailhost name: ourdomain.com Email address: spamcop[at]ourdomain.com Hosts/Domains: ourdomain.com Relaying IPsv4: [IPv4 addess of our email server]1 hour ago, Lking said:Is email to spamcop[at]ourdomain.com now follow a different path than other email?
Nope. A regular mailbox like any other in our system.
1 hour ago, Lking said:I think an in depth review of what you tweaked is in order.
I don't really know what could be the cause of this, since I am not being able to see what SpamCop is getting from our server (i.e., the emails/reports we are sending to the special submit email address)... So I don't know exactly what is triggering the error message...
Thanks!
-
Hi @Lking
I read and re-read this page but couldn't undestand it very well, the text is quite confusing IMHO.
I configured the Mailhost in the SpamCop control panel by simply following the instructions, where SpamCop sends an email to spamcop@ourdomain.com and we have to enter its header and body in a form, and everything is configured. In the Mailhosts tab, I see our server and its IP address correctly configured there.
The way we report spam is as follows.
Users in our system mark emails as spam. These emails are then reported to SpamCop using spamassassin -r. That's it. When the text in the page you linked above talks about "accounts", I got lost. I don't know what the text is talking about. I don't know if I need to create one Mailhost configuration for each user (email address) in our system or what.
Thank you very much for your help!
-
Hi @Lking
The problem is that I can't hit Submit, as it gives an error. At the link that is sent out to us, there is no way to see the contents of the message, or at least I couldn't find one.
Anyway, we have this error message, can't submit/confirm the spam we are sending to SpamCop and have no clue on how to fix/debug this.
Please refer to the following screenshot for better undestanding the issue.
1. SpamAssassin reports the spam
2. We get a confirmation email, with the link for us to confirm/report the spam that was reported by SpamAssassin
3. We click the link and get the error message I explained in the first post:
4. If I click "Report Now", the same page is reloaded, with a different id/hash.
Thank you in advance.
-
1 hour ago, Lking said:
You should be able to log into your reporting account and click on the <Past Reports> tab.
In the Past Reports, the recent reports are shown as "No reports filed", since I wasn't able to submit them as explained above. So, there is no link that allows me to see what was sent to SpamCop. See screenshot below.
-
Hello,
We've been reporting spam to SpamCop for years, using SpamAssassin's reporting capability to our own spamcop.net submission email address.
Basically we have a scri_pt that goes to all users spam folder and run:
spamassassin -r < email_fileSpamAssassin is correctly configured with
spamcop_from_address spamcop@ourdomain.com spamcop_to_address submit.XXXXXXXXXXXX@spam.spamcop.netAs I said, this has been working fine for years.
However, we've started seeing the following errors after clicking on the confirmation link sent to our spamcop@ourdomain.com email:
QuoteMailhost configuration problem, identified internal IP as source
No source IP address found, cannot proceed.
Nothing to do.
Our mailhost is correctly configured, and I even deleted it and configured it again, at no avail.
Sample confirmation URL for you guys to take a look at: https://www.spamcop.net/sc?id=z6557766050z3c1f36e50c5140df21e4fdbf0d568a5cz
I am not able to find any option to see the original email SpamAssassin sent to SpamCop, so I am not being able to debug this.
As a test, I tried sending a spam email manually from the shell prompt (without using SpamAssassin), and got the same result.
The only thing that I can think of is that we tweaked our email server a couple of weeks ago, and maybe that are some SpamAssassin-related hidden headers in the email that we end up forwarding that probably should have been removed.
I'd appreciate any help/pointers.
Thanks,
Gabriel.
Is there a way to automate report submission?
in SpamCop Reporting
Posted
Hello,
We've been using SpamCop for years now, and here we use spamassassin -r to report spams directly to SpamCop. However, this procedure results in confirmation emails such as:
Because of that, we need to have an employee to manually confirm each one of the reports. In a system that receives a small amount of spam that isn't caught by SpamAssassin, this may be o.k., but even with all our daily efforts to improve SpamAssassin accuracy by creating new rules and a bunch of techniques (SPF, DKIM, RBL, fail2ban etcetera), we still have hundreds of spams that go through our users' mailboxes weekly.
Is there a way to approve automatically all reports we send, without human intervention?
Cheers,
Gabriel.