Jump to content

no from Ignored No source IP address found, cannot proceed.


Ricardo_63

Recommended Posts

5 hours ago, Ricardo_63 said:

It seems some mails could not be report because can’t find such information as; source ip address.

Question; Spamcop on reporting spam system is not updated to such kind of issues?

Would help if you copy and pasted the "Tracking URL"

Looks like you are not getting full headers?

Link to comment
Share on other sites

14 hours ago, petzl said:

Would help if you copy and pasted the "Tracking URL"

Looks like you are not getting full headers?

Thanks!!!
I paste spam mail code and spamcop process spam report 

Received spam mail code 

Return-path: <investor@bit.com>
Received: by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>)
        id 1hYpA1-0003xK-Q2
        for mbpause@zeop.re; Wed, 10 Jun 2021 15:41:07 GMT +0300
Message-ID: <285019b54194beba0603b519f7b399b340d04f@bk.ru>
From: "BTC Investor" <investor@bit.com>
To: mcgrath@arnet.com.ar
Subject: Bitcoin is on the move!
Date: Wed, 15 Jun 2021 15:41:07 GMT +0300
MIME-Version: 1.0
Content-Type: multipart/related; boundary="803871dd29fcd6d26e6bdd719fdbf1db30ff16"
Authentication-Results: smtp50.i.mail.ru; auth=pass smtp.auth=investor@bit.com smtp.mailfrom=investor@bit.com
X-77F55803: E14BCC6235C710295A78504BD2AC2941F05A5EBCEA5E0924C1AE6AD3D51F1C79E91994FEA9EFF733665C54954CA5BF1E
X-7FA49CB5: 0D63561A33F958A583E8EE167FA1EAFAC1E5EFFA54989DA7D22C7E9AD9851E3E8941B15DA834481FA18204E546F3947C1D471462564A2E19F6B57BC7E64490618DEB871D839B7333395957E7521B51C2545D4CF71C94A83E9FA2833FD35BB23D27C277FBC8AE2E8B2EE5AD8F952D28FBA471835C12D1D977C4224003CC8364767815B9869FA544D8D32BA5DBAC0009BE9E8FC8737B5C2249DE948F92AE8D0DCE3AA81AA40904B5D9CF19DD082D7633A093541453170D46FCD81D268191BDAD3D78DA827A17800CE7FBD191866EBACF7ECD04E86FAF290E2DBBC930A3941E20C675ECD9A6C639B01B78DA827A17800CE7110FAF72A7DF85C008631BAA6C15472E75ECD9A6C639B01B4E70A05D1297E1BBC6867C52282FAC85B5698D31FB5189B627F269C8F02392CD5571747095F342E88FB05168BE4CE3AF
X-Mailru-Sender: 6EE70079D60A78E3C1F74EC65A080FA3E02F15DF162A3F62FB77C500AF1DDCF1B190A9C544053B290B8E95FCF4F44778A3A5FE8BFD2D97DF9E384AEAC48947C982BADC8C81B4096447D07AD2EF2904BEEAB4BC95F72C04283CDA0F3B3F5B9367
X-Mras: OK
X-Senderinfo: 29858
X-Mailru-Intl-Transport: d,952411a

--803871dd29fcd6d26e6bdd719fdbf1db30ff16
Content-Type: multipart/alternative; boundary="ab5118b44195b724f8fdb40266b2be30f63d"


--ab5118b44195b724f8fdb40266b2be30f63d
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Good day.
Did you know that the prices of Bitcoin have been steadily increasing? A =
lot of people have missed it and it hasn=E2=80=99t been covered by the in=
ternational press. However, for those in the loop, they know that making =
an investment now could be the best decision of their lives.

Want to try it out for yourself and see what happens when Bitcoin takes o=
ff? Then there=E2=80=99s now a new platform which makes investing in Bitc=
oin, easier than ever.
Sign up now and see just how quick and easy it is to start trading Bitcoi=
n today!

Your new life is just around the corner,
BTC Investor News

--ab5118b44195b724f8fdb40266b2be30f63d
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

<HTML><HEAD>
<META http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
</HEAD>
<BODY bottomMargin=3D5 leftMargin=3D5 rightMargin=3D5 topMargin=3D5=20
bgColor=3D#ffffff><FONT color=3D#000000 size=3D2 face=3D"Courier New">
<DIV align=3Dcenter>
<TABLE borderColor=3D#000000 cellSpacing=3D0 cellPadding=3D0 border=3D0>
  <TBODY>
  <TR vAlign=3Dtop>
    <TD width=3D529><FONT color=3D#000000 size=3D2 face=3D"Courier New">
      <DIV align=3Dcenter><FONT size=3D3 face=3DArial><A=20
      href=3D"http://1111111111.bmetrack.com/c/l?u=3DA6E30D0&e=3D107A252&c=
=3D12A1ED&t=3D1&l=3D4451B429&email=3Daaaaaaaaaaaaaaaaaaaaaaaaaaaaa&seq=3D1"=
><IMG=20
      border=3D0 hspace=3D0 alt=3D"" src=3D"cid:c9a020ed3c63dcb55532697bf@b=
k.ru" width=3D185 height=3D66=20
      3D0></A></FONT></DIV>
      <DIV><FONT size=3D3 face=3DArial></FONT>&nbsp;</DIV>
      <DIV><FONT size=3D3 face=3DArial>Good day.<BR><BR>Did you know that t=
he prices of Bitcoin have been steadily increasing? A lot of people have mi=
ssed it and it hasn=E2=80=99t been covered by the international press. Howe=
ver, for those in the loop, they know that making an investment now could b=
e the best decision of their lives. </FONT></DIV>
      <DIV>&nbsp;</DIV>
      <DIV><FONT size=3D3 face=3DArial>Want to try it out for yourself and =
see what happens when Bitcoin takes off? Then there=E2=80=99s now a new pla=
tform which makes investing in Bitcoin, easier than ever.  <BR><A=20
      href=3D"http://1111111111.bmetrack.com/c/l?u=3DA6E30D0&e=3D107A252&c=
=3D12A1ED&t=3D1&l=3D4451B429&email=3Daaaaaaaaaaaaaaaaaaaaaaaaaaaaa&seq=3D1"=
><STRONG>Sign=20
      up now</STRONG></A> and see just how quick and easy it is to start tr=
ading=20
      Bitcoin today!</FONT></DIV>
      <DIV>&nbsp;</DIV>
      <DIV><FONT size=3D3 face=3DArial>Your new life is just around the cor=
ner,=20
      <BR>BTC Investor News</FONT></DIV>
      <DIV><FONT size=3D3 face=3DArial></FONT>&nbsp;</DIV>
      <DIV align=3Dcenter><FONT size=3D3 face=3DArial><A=20
      href=3D"http://1111111111.bmetrack.com/c/l?u=3DA6E30D0&e=3D107A252&c=
=3D12A1ED&t=3D1&l=3D4451B429&email=3Daaaaaaaaaaaaaaaaaaaaaaaaaaaaa&seq=3D1"=
><IMG=20
      border=3D0 hspace=3D0 alt=3D"" src=3D"cid:2a0787df29bcbddb9a48c4b142@=
bk.ru" width=3D92=20
      height=3D44></A></FONT></DIV>
      <DIV><FONT size=3D3=20
face=3DArial></FONT>&nbsp;</DIV></FONT></TD></TR></TBODY></TABLE></DIV></FO=
NT>
<IMG width=3D1 height=3D1 alt=3D"" src=3D"https://www.nhuadongnai.vn/wp-con=
tent/uploads/2020/04/sh_v.php?sub=3D777&mail=3Dmcgrath@arnet.com.ar">
</BODY></HTML>


--ab5118b44195b724f8fdb40266b2be30f63d--

--803871dd29fcd6d26e6bdd719fdbf1db30ff16
Content-Type: image/png; name="k.png"
Content-Transfer-Encoding: base64
Content-ID: <c9a020ed3c63dcb55532697bf@bk.ru>

iVBORw0KGgoAAAANSUhEUgAAALkAAABCCAYAAAAL+HeGAAABzmlUWHRYTUw6Y29tLmFkb2JlLnht
cAAAAAA…………………………….==
--803871dd29fcd6d26e6bdd719fdbf1db30ff16

Content-Type: image/png; name="zvky.png"
Content-Transfer-Encoding: base64
Content-ID: <2a0787df29bcbddb9a48c4b142@bk.ru>

iVBORw0KGgoAAAANSUhEUgAAAFwAAAAsCAYAAADozd+ZAAAAAXNSR0IArs4c6QAAAARnQU1BAACx
……………………….OBkJJyPhVJz7AW1C+hK3OhilAAAAAElFTkSuQmCC
--803871dd29fcd6d26e6bdd719fdbf1db30ff16--

Spamcop spam process returned page info

 

SpamCop v 5.1.0 © 2020 Cisco Systems, Inc. All rights reserved.
Here is your TRACKING URL - it may be saved for future reference:
https://www.spamcop.net/sc?id=z6642947923z6d9895034f835eced8ac22b50e215d41z
Skip to Reports
Return-path: <investor@bit.com>
Received: by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>)
        id 1hYpA1-0003xK-Q2
        for x; Wed, 10 Jun 2021 15:41:07 GMT +0300
Message-ID: <2850______________________________d04f@bk.ru>
From: "BTC Investor" <investor@bit.com>
To: x
Subject: Bitcoin is on the move!
Date: Wed, 15 Jun 2021 15:41:07 GMT +0300
MIME-Version: 1.0
Content-Type: multipart/related; boundary="803871dd29fcd6d26e6bdd719fdbf1db30ff16"
Authentication-Results: smtp50.i.mail.ru; auth=pass smtp.auth=investor@bit.com smtp.mailfrom=investor@bit.com
X-77F55803: E14BCC6235C710295A78504BD2AC2941F05A5EBCEA5E0924C1AE6AD3D51F1C79E91994FEA9EFF733665C54954CA5BF1E
X-7FA49CB5: 0D63561A33F958A583E8EE167FA1EAFAC1E5EFFA54989DA7D22C7E9AD9851E3E8941B15DA834481FA18204E546F3947C1D471462564A2E19F6B57BC7E64490618DEB871D839B7333395957E7521B51C2545D4CF71C94A83E9FA2833FD35BB23D27C277FBC8AE2E8B2EE5AD8F952D28FBA471835C12D1D977C4224003CC8364767815B9869FA544D8D32BA5DBAC0009BE9E8FC8737B5C2249DE948F92AE8D0DCE3AA81AA40904B5D9CF19DD082D7633A093541453170D46FCD81D268191BDAD3D78DA827A17800CE7FBD191866EBACF7ECD04E86FAF290E2DBBC930A3941E20C675ECD9A6C639B01B78DA827A17800CE7110FAF72A7DF85C008631BAA6C15472E75ECD9A6C639B01B4E70A05D1297E1BBC6867C52282FAC85B5698D31FB5189B627F269C8F02392CD5571747095F342E88FB05168BE4CE3AF
X-Mailru-Sender: 6EE70079D60A78E3C1F74EC65A080FA3E02F15DF162A3F62FB77C500AF1DDCF1B190A9C544053B290B8E95FCF4F44778A3A5FE8BFD2D97DF9E384AEAC48947C982BADC8C81B4096447D07AD2EF2904BEEAB4BC95F72C04283CDA0F3B3F5B9367
X-Mras: OK
X-Senderinfo: 29858
X-Mailru-Intl-Transport: d,952411a
View entire message 
Parsing header:

Received:  by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>) id 1hYpA1-0003xK-Q2 for x; Wed, 10 Jun 2021 15:41:07 GMT +0300
no from
Ignored
No source IP address found, cannot proceed.
Add/edit your mailhost configuration
Finding full email headers
Submitting spam via email (may work better)
Example: What spam headers should look like
Nothing to do.
 

Link to comment
Share on other sites

9 hours ago, Ricardo_63 said:

Return-path: <investor@bit.com>
Received: by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>)
        id 1hYpA1-0003xK-Q2

Came from 94.100.177.110  abuse[AT]corp.mail[DOT]ru
Not seeing your received IP your receiving email server?
Add/edit your mailhost configuration  log in to SpamCop click TAB  Mailhosts
Before you Submit a spam Top of page is tracking URL - example
https://www.spamcop.net/sc?id=z6642853265z193d6fb05ee9b701404ec2d508af48b0z

Link to comment
Share on other sites

4 hours ago, Ricardo_63 said:

I presume my mail server use one of them.

SpamCop has them ALL whitelisted/won't report them. So your mailhosts seem ok. 
Assuming you clicked add new hosts and received a email, to which you clicked the embedded link?
https://www.spamcop.net/sc?id=z6642947923z6d9895034f835eced8ac22b50e215d41z

Your ISP has not stamped it's own IP "received: by"? example below
https://www.spamcop.net/sc?id=z6643015246zbc86c5610081722fba5bae72dba9b145z

Edited by petzl
Link to comment
Share on other sites

On 7/22/2020 at 7:35 AM, Ricardo_63 said:

Here is your TRACKING URL - it may be saved for future reference:
https://www.spamcop.net/sc?id=z6642947923z6d9895034f835eced8ac22b50e215d41z

From what I see on your tracking URL, there are some missing Received lines.  I see you have the Received and by sections, but no from section.

Received: by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>)

I would expect to see a like such as the following where it has the from:

Received: from [IP.add.re.ss] (helo=server.name.org) by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>)

SpamCop uses the part between the from  and the by to determine the message source.

Link to comment
Share on other sites

3 hours ago, Ricardo_63 said:

after done it appeared on the MailHosts list, but it showing nine hosts

thats normal
you need to contact your ISP to get it to stamp  it's own IP "received: by"?
example below

https://www.spamcop.net/sc?id=z6643015246zbc86c5610081722fba5bae72dba9b145z
 

Delivered-To: x
Received: by 2002:a0c:9b89:0:0:0:0:0 with SMTP id o9csp1186644qve;

 

Edited by petzl
Link to comment
Share on other sites

8 hours ago, gnarlymarley said:

From what I see on your tracking URL, there are some missing Received lines.  I see you have the Received and by sections, but no from section.


Received: by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>)

I would expect to see a like such as the following where it has the from:


Received: from [IP.add.re.ss] (helo=server.name.org) by smtp50.i.mail.ru with esmtpa (envelope-from <investor@bit.com>)

SpamCop uses the part between the from  and the by to determine the message source.

That's the point,  where spammers it seems almost step ahead, masking mails without possibility to reported.

Link to comment
Share on other sites

8 hours ago, petzl said:

thats normal
you need to contact your ISP to get it to stamp  it's own IP "received: by"?
example below

https://www.spamcop.net/sc?id=z6643015246zbc86c5610081722fba5bae72dba9b145z
 


Delivered-To: x
Received: by 2002:a0c:9b89:0:0:0:0:0 with SMTP id o9csp1186644qve;

 

Well, that is difficult to explain to ISP, I have claim about spam emails and they told it have spam protection against to spam mails, but clearly spammers can override ISP spam protection.

That’s reason why I report each spam mail to SpamCop.

Link to comment
Share on other sites

9 hours ago, Ricardo_63 said:

Well, that is difficult to explain to ISP, I have claim about spam emails and they told it have spam protection against to spam mails, but clearly spammers can override ISP spam protection.

That’s reason why I report each spam mail to SpamCop.

Well I don't see the "received by"  line 
Which should be followed with the
"Received: from" vedicisland.com (vedicisland.com. [77.32.212.194])
As with this example (Gmail)
https://www.spamcop.net/sc?id=z6643015246zbc86c5610081722fba5bae72dba9b145z

Link to comment
Share on other sites

16 hours ago, petzl said:

Well I don't see the "received by"  line 
Which should be followed with the
"Received: from"

Ricardo_63, this "Received:" line should be added by the receiving email server.  And should not be disabled by any spammer.

On 7/24/2020 at 5:05 AM, Ricardo_63 said:

That's the point,  where spammers it seems almost step ahead, masking mails without possibility to reported.

Though RFC2882 might be confusing, RFC5321 explains this well in section 3.7.2, where your ISP should be adding that line.

3.7.2.  Received Lines in Gatewaying

   When forwarding a message into or out of the Internet environment, a
   gateway MUST prepend a Received: line, but it MUST NOT alter in any
   way a Received: line that is already in the header section.

Another way to think of it, is if your ISP refused to put this line on your email, then they must provide another way for you to get the information via a phone call or log access.  If they refused to tell you the sending IP and helo hostname, then the offending email must be counted as spam send "by your email provider".

Link to comment
Share on other sites

34 minutes ago, gnarlymarley said:

Ricardo_63, this "Received:" line should be added by the receiving email server.  And should not be disabled by any spammer.

Though RFC2882 might be confusing, RFC5321 explains this well in section 3.7.2, where your ISP should be adding that line.


3.7.2.  Received Lines in Gatewaying

   When forwarding a message into or out of the Internet environment, a
   gateway MUST prepend a Received: line, but it MUST NOT alter in any
   way a Received: line that is already in the header section.

Another way to think of it, is if your ISP refused to put this line on your email, then they must provide another way for you to get the information via a phone call or log access.  If they refused to tell you the sending IP and helo hostname, then the offending email must be counted as spam send "by your email provider".

Thanks.

Well I have subscribe many ticket about spam mail, but I never get answer, but after complete a survey have been called by a guy from support but is practically difficult to talk, it note conceited and assume problems becomes form users side because ISP have the best of unsolicited bulk email system and finally recommended take care when filled on sites with data form.

 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...