Tesseract Posted June 4, 2020 Share Posted June 4, 2020 https://www.spamcop.net/sc?id=z6637142364zdc54ead736a47ce567fa990ae31abf26z The actual originating IP seems to be 95.70.49.44, but hop 7 seems to be mis-parsed. It's an internal handoff with no IP address given, and the parser is pulling out part of "Oracle Communications Messaging Server 8.1.0.5.20200312" and treating it as the IP address 8.1.0.5. I'm not sure whether that Received header is RFC-compliant, but this seems problematic either way. Quote Link to comment Share on other sites More sharing options...
Tesseract Posted August 14, 2020 Author Share Posted August 14, 2020 It happened again today: https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz Quote Link to comment Share on other sites More sharing options...
petzl Posted August 15, 2020 Share Posted August 15, 2020 18 hours ago, Tesseract said: It happened again today: https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz 17.128.115.105 17.171.2.60 both are Apple addresses yours? Scan your device 85.143.166.232abuse actuall abuse address is abuse[AT]comfortel[DOT]pro The address it is sent to has been coded into SpamCop two years ago? Quote Link to comment Share on other sites More sharing options...
Snowbat Posted October 27, 2020 Share Posted October 27, 2020 (edited) On 6/4/2020 at 5:15 AM, Tesseract said: I'm not sure whether that Received header is RFC-compliant, but this seems problematic either way. Both Postfix and Sendmail insert text in parentheses at that point so I doubt that it's non-compliant. SpamCop's code to identify a valid IPv4 address is clearly flawed/incomplete though. Edited October 27, 2020 by Snowbat Quote Link to comment Share on other sites More sharing options...
petzl Posted October 27, 2020 Share Posted October 27, 2020 15 minutes ago, Snowbat said: Both Postfix and Sendmail insert text in parentheses at that point so I doubt that it's non-compliant. SpamCop's code to identify a valid IPv4 address is clearly flawed/incomplete though. https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz Seems working now? Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted October 29, 2020 Share Posted October 29, 2020 On 10/27/2020 at 2:31 PM, petzl said: https://www.spamcop.net/sc?id=z6645759962zf8698377d1581a4b17606f61a9f5575bz Seems working now? Doesn't appear to be fixed. I see line #7 has the problem still 7: Received: from process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com by rn-mailsvcp-relay-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.6.20200729 64bit (built Jul 29 2020)) id <0QF100500ALEFW00@rn-mailsvcp-relay-lapp04.rno.apple.com> for x (ORCPT x); Thu, 13 Aug 2020 20:24:51 -0700 (PDT) No unique hostname found for source: 8.1.0.6 mac.com received mail from sending system 8.1.0.6 Quote Link to comment Share on other sites More sharing options...
petzl Posted November 6, 2020 Share Posted November 6, 2020 On 10/29/2020 at 12:34 PM, gnarlymarley said: Doesn't appear to be fixed. I see line #7 has the problem still 7: Received: from process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com by rn-mailsvcp-relay-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.6.20200729 64bit (built Jul 29 2020)) id <0QF100500ALEFW00@rn-mailsvcp-relay-lapp04.rno.apple.com> for x (ORCPT x); Thu, 13 Aug 2020 20:24:51 -0700 (PDT) No unique hostname found for source: 8.1.0.6 mac.com received mail from sending system 8.1.0.6 ? process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- 11/06/20 10:59:48 AUS Eastern Summer Time --- reading URL process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- error: Host not found Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted November 6, 2020 Share Posted November 6, 2020 6 minutes ago, petzl said: ? process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- 11/06/20 10:59:48 AUS Eastern Summer Time --- reading URL process_milters-daemon.rn-mailsvcp-relay-lapp04.rno.apple.com --- error: Host not found I wonder if it is considered an "internal IP". It is interesting that it picks up the 8.1.0.6 IP from what appears to be a software version number. Server 8.1.0.6.20200729 64bit Probably a regex border issue seeing the period as an end of sentence? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.