Wrong Planet Posted August 13, 2017 Share Posted August 13, 2017 I've been getting a bunch of spam that cannot be processed. The messages I get are; Mailhost configuration problem, identified internal IP as source No source IP address found Nothing to do. I don't want to publicly post the email headers. I just need some advice on what to look for or perhaps what I can do about this. Thanks. Link to comment Share on other sites More sharing options...
gnarlymarley Posted August 13, 2017 Share Posted August 13, 2017 I usually see this when the spammer is using my local email provider. Since spamcop is external to my email provider, I have to use the "report spam" button to get it sent to the postmaster to deal with. Before the report spam buttons and back around when spamcop began, we used to forward those emails to abuse@[relatedISP].com. Link to comment Share on other sites More sharing options...
Wrong Planet Posted August 13, 2017 Author Share Posted August 13, 2017 Just to confirm, you're saying that the spam is originating from the same place that is hosting my email account??? Link to comment Share on other sites More sharing options...
Wrong Planet Posted August 14, 2017 Author Share Posted August 14, 2017 I contacted the folks that are hosting my email. I could tell that the tech support guys was "outsourced" and he didn't seem to be interested in the issue but he at least let me email him a file with all the header info, I haven't seen any let up in the frequency of these "orphaned" emails nor have they contacted me back. In a about a 13 hour period overnight I received 28 spam emails and 11 of those I couldn't report because of no source IP.. All emails are essentially the same subject about some kind of brain boosting pill and all emails are formatted in plain text. Without giving up any of my personal info here's a snippet of what I'm receiving; Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.grupoitm.lan (Postfix) with ESMTP id 5C766FAB454; Mon, 14 Aug 2017 03:48:58 -0600 (CST) Received: from mail.grupoitm.net ([127.0.0.1]) by localhost (mail.grupoitm.lan [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3xff6aC6fjRp; Mon, 14 Aug 2017 03:48:57 -0600 (CST) Received: from [127.0.0.1] (unknown [84.238.197.88]) by mail.grupoitm.lan (Postfix) with ESMTPSA id A7E26FAB458; Mon, 14 Aug 2017 03:44:12 -0600 (CST) Received: from mail.grupoitm.net ([190.148.69.250]) by mx.perfora.net ############### My host's address and "To" info Subject: Boost your intelligence thanks to these tablets Date: Mon, 14 Aug 2017 05:44:14 -0400 Message-ID: <646B5A86.4477323@grupoitm.net> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Link to comment Share on other sites More sharing options...
Wrong Planet Posted August 16, 2017 Author Share Posted August 16, 2017 Here's a status update. I got a note from the tech support folks where I host my email and it said... Quote Just an update regarding on the spam emails, if the spam messages has been lessened. I'm not exactly sure what that means but the good news is I haven't had any orphaned (No source IP) emails in about 24 hours now. As a matter of fact the quantity and frequency of spam has suddenly decreased to almost nothing. So I guess we'll see how long things remain quiet until the spammers gear up again. Link to comment Share on other sites More sharing options...
Wrong Planet Posted August 18, 2017 Author Share Posted August 18, 2017 They're back at it this morning. Getting a steady influx of the IP missing emails. Sent a tech support request to my provider to see if they can make anything out of it. The peace and quiet was nice while it lasted. Oh yeah, the other brain booster spams had quieted down too but they're cranking back up also. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.