guppy Posted April 5, 2005 Share Posted April 5, 2005 Hi just attemped to report first item of spam after registering with mailhost. Headers say, Received: from orange [127.0.0.1] by orange.tootech.net with ESMTP (SMTPD32-8.15) id A483370292; Tue, 05 Apr 2005 00:57:55 +0100 Received: from ([221.161.206.238]) by orange with SMTP id; Tue, 5 Apr 2005 00:57:55 +0100 and I get the parse results, 0: Received: from ([221.161.206.238]) by orange with SMTP id; Tue, 5 Apr 2005 00:57:55 +0100 No unique hostname found for source: 221.161.206.238 Possible forgery. Supposed receiving system not associated with any of your mailhosts Will not trust anything beyond this header No source IP address found, cannot proceed. so does this mean it's complaining about 221.161.206.238 or that it doesn't like the orange part? slightly confused. Thanks, G. Link to comment Share on other sites More sharing options...
guppy Posted April 5, 2005 Author Share Posted April 5, 2005 just tied another item and get a similar message, so i guess it's complaining about the orange part. manually made it the full orange.tootech.net but it still complained. any ideas? G. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted April 5, 2005 Share Posted April 5, 2005 When you completed the mailhost configuration, did one of the confirmations travel this same path, including the: Received: from orange [127.0.0.1] by orange.tootech.net with ESMTP (SMTPD32-8.15) id A483370292; Tue, 05 Apr 2005 00:57:55 +0100 Received: from ([221.161.206.238]) by orange with SMTP id; Tue, 5 Apr 2005 00:57:55 +0100 Is 221.161.206.238 the actual source of this message? (Is this the entire Received: portion of the message?) Are you running your own server, orange? If so the received line with 221.161.206.238 should have the fqdn (orange.tootech.net) rather than just orange. Link to comment Share on other sites More sharing options...
guppy Posted April 5, 2005 Author Share Posted April 5, 2005 Yes 221.161.206.238 is the actual sender. For some reason the spam filtering software is not putting the full host name in the headers. the ventor is investigating this. however even if i manually make it orange.tootech.net then spamcop still complains. and yes it is our own server. G. Link to comment Share on other sites More sharing options...
turetzsr Posted April 5, 2005 Share Posted April 5, 2005 ...Is the discussion in Mailhosts problem of any help? Link to comment Share on other sites More sharing options...
Wazoo Posted April 5, 2005 Share Posted April 5, 2005 Moved this to MailHopst Forum section, based on what I'm reading. There is a "process" involved with "registering" your account with the MailHost configuration. Was this process actually completed? (Noting that instructions include a bit of a wait and then proceed slowly to insure that it all worked out correctly.) You can help save some disk/screen space and allow a bit better interpretation of the actual results by providing a Tracking URL of a problem parse. But, as the error/failure seems to be occurring on "line 0" it does appear that the MailHost configuration is not complete. There may be something that can be accomplished by following instructions offered in the Pinned items in this Forum section, but ...???? Link to comment Share on other sites More sharing options...
guppy Posted April 5, 2005 Author Share Posted April 5, 2005 could it be that the mx records for the domain receiving the email is smtp.tootech.net yet the machine that really says it's receiving the email it orange.tootech.net? they are one in the same. also, http://www.spamcop.net/sc?id=z749386087zf7...4c007e662e99e3z Link to comment Share on other sites More sharing options...
StevenUnderwood Posted April 5, 2005 Share Posted April 5, 2005 If the mailhost configuration is complete and correct, then that will have no bearing at all because the hostname and IP for orange will be in the mailhost configuration and it will know those are your servers with no external loookup. Even with NO mailhost configuration, this should not matter. You did complete the configuration, returning the probe and receiving the confirmation, correct? Link to comment Share on other sites More sharing options...
guppy Posted April 5, 2005 Author Share Posted April 5, 2005 yes it even deleted the host and did it again pasting the text directly out of the mailbox file in to the box provided which was verified. when i goto my mailhost tab on the web site the Hosts/Domains: dropdown is blank, however the Relaying IPs: is completed correctly. Link to comment Share on other sites More sharing options...
Wazoo Posted April 5, 2005 Share Posted April 5, 2005 Geeze ... doing some search on data seen from your Tracking URL (thanks) ... can you possibly explain the following numbers? http://www.senderbase.org/?searchBy=ipaddr...g=61.173.85.149 Volume Statistics for this IP Magnitude Vol Change vs. Average Last day ........ 3.6 .. 7643% Last 30 days .. 2.6 ... 654% Average ........ 1.7 Not sure I even want to ask why a Domain registered in GB wants to use an e-mail server on a ChinaNet IP Block ....??? OK, now that I've got your attention <g> ..... you should note that the "problem" boils down to there being only one routable IP address seen within those headers, and this is the line that does not include any real data on just who received the incoming .... So yes, I'd say the problem is the lack of a FQDN (Fully Qualified Domain Name) .. though not sure why the MailHost configuration didn't work .. I'd say it's time to follow the instructions found in the Pinned entries for some special attention. On the other hand, I went to 'play' with your sample ... noted the "Outlook/Eudora work-around" in use ... wondering if that might have something to do with your "test" not working ..??? I ask, as the parse I accomplished went through just fine .. see http://www.spamcop.net/sc?id=z749444608zad...17eb2ae935916cz Link to comment Share on other sites More sharing options...
guppy Posted April 6, 2005 Author Share Posted April 6, 2005 Not sure I even want to ask why a Domain registered in GB wants to use an e-mail server on a ChinaNet IP Block ....??? That IP has nothing to do with us, our servers are in the UK, that was the spammer. So it sounds like if our spam filters put the full domain in we'll be okay. Interestingly, when I change the orange to smtp.tootech.net which is the public address in the MX records (same machine) then it still fails when I played with it. I'll chase the spam vendor and try again.if after that then I guess I'll trawl through the pinned posts to see if theres anything esle that we can do. Other option is not to report spam, which would seem a shame. G. Link to comment Share on other sites More sharing options...
Wazoo Posted April 6, 2005 Share Posted April 6, 2005 That IP has nothing to do with us, our servers are in the UK, that was the spammer. Correct. Too many things on the plate here, the latest is trying to fix an iBook power connector, and disassembly of this thing ... well, kudos to the &*^%$ engineering staff that designed this thing and the *&%^$ proprietary compinents used for supplying DC power ... anyway, corrected my jumping through the wrong hoop with the "now that I've got your attention" edit and additional data. So it sounds like if our spam filters put the full domain in we'll be okay. Interestingly, when I change the orange to smtp.tootech.net which is the public address in the MX records (same machine) then it still fails when I played with it. it wasn't smtp.tootech.net that I used???? Had to re-look at my Tracking URLs .. I used orange.tootech.net I'll chase the spam vendor and try again.if after that then I guess I'll trawl through the pinned posts to see if theres anything esle that we can do. Other option is not to report spam, which would seem a shame. There aren't that many amd at least two of them offer the same 'final solution' ... and that involves Ellen <g> On the other hand, I don't recall a great outcome for the other user, but that was a whole different attitude going on there also ... Link to comment Share on other sites More sharing options...
Ellen Posted April 11, 2005 Share Posted April 11, 2005 That IP has nothing to do with us, our servers are in the UK, that was the spammer. So it sounds like if our spam filters put the full domain in we'll be okay. Interestingly, when I change the orange to smtp.tootech.net which is the public address in the MX records (same machine) then it still fails when I played with it. I'll chase the spam vendor and try again.if after that then I guess I'll trawl through the pinned posts to see if theres anything esle that we can do. Other option is not to report spam, which would seem a shame. G. 26332[/snapback] OK I made some changes to the mailhost. The spam now parses. Link to comment Share on other sites More sharing options...
Jeff G. Posted April 11, 2005 Share Posted April 11, 2005 Thanks, Ellen! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.