Jump to content

Parsing error or my newbie inexperience?


Lance
 Share

Recommended Posts

On occasion I think Spamcop mis-identifies the originating email. Here's an example:

http://www.spamcop.net/sc?id=z1331714565zd...150c858a619166z

In this example Spamcop believes the email originated from 68.181.x.x

Now I can manually look at the Received headers and I think the email originated from 151.134.x.x or maybe 124.120.x.x. I can't see what's so special about them that the Spamcop parser would ignore these.

Can someone enlighten me why this is so?

Lance

*****

Link to comment
Share on other sites

You are reading the headers backwards most likely. New received headers are added at the TOP of the message. So the last received before you got it was:

Received: from msg-mx0.usc.edu ([128.125.137.5]) by vsoeexch.vsoe.usc.edu with Microsoft SMTPSVC(6.0.3790.1830);

Wed, 20 Jun 2007 08:18:16 -0700

This is obviously an internal handoff within the usc.edu system, it is skipped because it is listed with spamcop as a trusted relay, so spamcop moves onto the next received line.

Received: from almaak-01.usc.edu ([68.181.201.1])

by msg-mx0.usc.edu (Sun Java System Messaging Server 6.2-7.05 (built Sep 5

2006)) with ESMTP id <0JJX001QYX60A6D0[at]msg-mx0.usc.edu> for x

(ORCPT x); Wed, 20 Jun 2007 08:19:00 -0700 (PDT)

Again, this appears to be an internal handoff within the usc.edu system, however since this server is NOT listed as a trusted relay, spamcop takes it as the originating IP address since it can't reliably parse any further.

Most likely, doing a mailhost probe will pick up this server and add it to your mailhost list so that spamcop can parse beyond this result.

Link to comment
Share on other sites

<snip>

Again, this appears to be an internal handoff within the usc.edu system, however since this server is NOT listed as a trusted relay, spamcop takes it as the originating IP address since it can't reliably parse any further.

Most likely, doing a mailhost probe will pick up this server and add it to your mailhost list so that spamcop can parse beyond this result.

I think I got it. Thanks Telarin.

Lance

*****

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...