Jump to content

Help with: Possible forgery. Supposed receiving system not associated with any of your mailhosts


Recommended Posts

Hello,

I am receiving bounced spam which had used my email address as the reply to address. As this bounced spam is unsolicited I report much of it to SpamCop. However many of the reports are not accepted with the following error:

 
Quote
Parsing header:
0: Received: from mail.modares.ac.ir ([194.225.166.4]) by mx.kundenserver.de (mxeueus001) with ESMTPS (Nemesis) id 0LyC7H-1bHSCo3jgj-015ZGX for <x>; Tue, 12 Jul 2016 18:41:44 +0200

Hostname verified: mx.modares.ac.ir

Possible forgery. Supposed receiving system not associated with any of your mailhosts

Will not trust this Received line.

Mailhost configuration problem, identified internal IP as source

Mailhost:
Please correct this situation - register every email address where you receive spam

No source IP address found, cannot proceed.

Is that because mx.kundenserver.de is not associated with my mailhost?  My hosting company is 1and1, I think that mx.kundenserver.de is associated with 1and1.

This is the header of the email that generated the error above:

Quote

Return-Path: <Postmaster@modares.ac.ir> Received: from mail.modares.ac.ir ([194.225.166.4]) by mx.kundenserver.de (mxeueus001) with ESMTPS (Nemesis) id 0LyC7H-1bHSCo3jgj-015ZGX for <x>; Tue, 12 Jul 2016 18:41:44 +0200 X-spam-Processed: mail.modares.ac.ir, Tue, 12 Jul 2016 21:10:17 +0430 X-spam-Level: * X-spam-Status: No, score=1.6 required=4.0 tests=BAYES_50,NO_RELAYS, URIBL_BLOCKED shortcircuit=no autolearn=no version=3.3.2 X-spam-Report: * 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. * See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block * for more information. * [URIs: modares.ac.ir] * -0.0 NO_RELAYS Informational: message was not relayed via SMTP * 1.6 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] X-spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) Received: from mail.modares.ac.ir by mail.modares.ac.ir (via RAW) (MDaemon PRO v14.5.2) for <x>; Tue, 12 Jul 2016 21:10:17 +0430 Date: Tue, 12 Jul 2016 21:10:17 +0430 Reply-To: Postmaster@modares.ac.ir From: Postmaster@modares.ac.ir Subject: MDaemon Notification -- Attachment Removed

 

 

This is what SpamCop displays when it processes one of these bounced messages correctly
 

Quote

Parsing header:

0: Received: from NAM01-SN1-obe.outbound.protection.outlook.com ([104.47.32.217]) by mx.perfora.net (mxeueus002) with ESMTPS (Nemesis) id 0MLxG6-1bSXmZ3opI-007ktp for <x>; Tue, 12 Jul 2016 18:53:32 +0200

Hostname verified: mail-sn1nam01hn0217.outbound.protection.outlook.com
1&1 received mail from sending system 104.47.32.217

 

Thanks,

Clive

 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...