jamesmichaelnewton Posted May 8, 2007 Share Posted May 8, 2007 My server at 126.96.36.199 is now running ASSP in front of the original MTA. This is great most of the time, but ASSP does occasionally miss a well done spam. Those are the ones I assume are the most valuable to report, so I'm trying to do so. spamcop.net is refusing the reports now. For example reporting: Return-Path: <root[at]admin.xfloyd2.net> Received: from admin.xfloyd2.net ([127.0.0.1]) by nt2.massmind.org (Post.Office MTA v3.5.3 release 223 ID# 0-0U10L2S100V35) with ESMTP id org for <webmaster[at]massmind.org>; Tue, 8 May 2007 07:39:35 -0700 Received: from 188.8.131.52 ([184.108.40.206] helo=admin.xfloyd2.net) by ASSP.nospam; 8 May 2007 07:39:35 -0700 Received: (qmail 16277 invoked by uid 0); 8 May 2007 06:08:24 -0500 Date: 8 May 2007 06:08:24 -0500 Message-ID: <20070508110824.16271.qmail[at]admin.xfloyd2.net> To: webmaster[at]massmind.org Subject: Your Payment has been sent to payments[at]diamondjewelry.com From: service[at]paypal.com <service[at]paypal.com> followed by the source of the actual email results in this response: Parsing header: 0: Received: from 220.127.116.11 ([18.104.22.168] helo=admin.xfloyd2.net) by ASSP.nospam; 8 May 2007 07:39:35 -0700 No unique hostname found for source: 22.214.171.124 Possible forgery. Supposed receiving system not associated with any of your mailhosts Will not trust anything beyond this header No source IP address found, cannot proceed. I assume this is due to the inclusion of ASSP. So I tried to re-register the mailhost for 126.96.36.199 following the procedure outlined. I entered my regular email address and tried "massmind.org" for the "standard name of this email provider " the first time and "assp.nospam" the second time. After following the return link, posting in the header and account configuration email (and removing the extra spaces from the X-SpamCop-Conf: line (would it kill you to add a trim command to the scri_pt? :angry: ) ) Both times, the result was a Mailhost name of "interestingdevices.com" with Hosts/Domains: set to "computeam.nl" and a relaying ip of 188.8.131.52. Not only are those domains and addersses NOT in any way associated with me, they are not even found anywhere in the headers or body of the configuration email. The pull downs for Hosts/Domains: and Relaying IPs: DO include the accurate values "assp.nospam" and "184.108.40.206" but since there is no submit button on the page, and no text field to hit enter in, I don't see how I can post the corrected information back. Interestingly enough, with the incorrect information in the mailhosts list, the reporting of the above mentioned phish appears to work, although I have no idea how. I really don't care if you respond or not, I'm just trying to report my experience in hopes that it will make you wonder how people can avoid being confused as all get-out by your system. Go ahead wazoo, tell me what an idiot I am. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.