Re: [exim] Making Exim does not include IPs of the original …

Top Page
This message is part of the following thread:
M---+\the complete thread tree sorted by date
M--\MMMagnus Holmgren at <-
M+\MJakob Hirsch at ->
Delete this message
Reply to this message
Author: Alejandro Lengua
Date:  
To: Exim-users
Subject: Re: [exim] Making Exim does not include IPs of the original sender....
This is the summary generated by Spamassassin, although I can change some
things in the email body itself
to avoid having it catched as spam. It is clear that the greatest scores are
generated by the rules that detect
the IP it comes from.


Spam detection software, running on the system "beta.vohosting.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.

Content preview: MAJAZ: JNE pretende impedir consulta vecinal El Jurado
Nacional
de Elecciones autorizó a su procurador tomar medidas cautelares para
incautar
todos los materiales de la consulta vecinal convocada por los distritos
de
Ayabaca, Carmen de la Frontera y Pacaipampa. [...]

Content analysis details: (16.0 points, 5.0 required) 

 pts rule name              description
---- ----------------------
--------------------------------------------------
 1.0 EXTRA_MPART_TYPE       Header has extraneous Content-type:...type=
entry
 0.1 RDNS_NONE              Delivered to trusted network by a host with no
rDNS
 0.0 BOTNET_BADDNS          Relay doesn't have full circle DNS
    [botnet_baddns,ip=201.230.86.203,rdns=
client-201.230.86.203.speedy.net.pe]
 0.0 BOTNET_CLIENTWORDS     Hostname contains client-like substrings
[botnet_clientwords,ip=201.230.86.203,rdns=
client-201.230.86.203.speedy.net.pe]
 1.8 SUBJ_ALL_CAPS          Subject is all capitals
 5.0 BOTNET                 Relay might be a spambot or virusbot
[botnet0.7,ip=201.230.86.203,hostname=client-201.230.86.203.speedy.net.pe
,maildomain=conflictosmineros.org.pe,baddns,client,ipinhostname,clientwords]
 0.0 BOTNET_IPINHOSTNAME    Hostname contains its own IP address
[botnet_ipinhosntame,ip=201.230.86.203,rdns=
client-201.230.86.203.speedy.net.pe]
 0.0 BOTNET_CLIENT          Relay has a client-like hostname
[botnet_client,ip=201.230.86.203,hostname=
client-201.230.86.203.speedy.net.pe,ipinhostname,clientwords]
 0.0 T_TVD_FW_GRAPHIC_ID1   BODY: T_TVD_FW_GRAPHIC_ID1
 0.0 HTML_MESSAGE           BODY: HTML included in message
 1.6 RCVD_IN_SORBS_DUL      RBL: SORBS: sent directly from dynamic IP
address
                            [201.230.86.203 listed in dnsbl.sorbs.net]
 1.2 PART_CID_STOCK         Has a spammy image attachment (by Content-ID)
 0.0 PART_CID_STOCK_LESS    Has a spammy image attachment (by Content-ID,
                            more specific)
 1.1 MY_CID_ARIAL_STYLE     SARE cid arial2 style
 0.9 MY_CID_AND_CLOSING     SARE cid and closing
 0.7 MY_CID_AND_STYLE       SARE cid and style
 0.7 MY_CID_AND_ARIAL2      SARE CID and Arial2
 1.2 MY_CID_ARIAL2_CLOSING  SARE cid arial2 closing
 0.7 SHORT_HELO_AND_INLINE_IMAGE Short HELO string, with inline image


The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.


On 9/13/07, Magnus Holmgren <holmgren@???> wrote:
>
> > On Thursday 13 September 2007 19:47, Alejandro Lengua wrote:
> > Most dynamic IPs from ADSL providers are in blacklists, therefore when
> they
> > send
> > emails from my email server, their emails are bounced even if my mail
> > server is not blacklisted.
> > Is there a way to make EXIM, not include the original IP of the sender?
>
> It might be helpful if you could provide a couple of examples of such
> emails.
> If your mail server seems credible and the recipients' mail servers are
> configured correctly, they should not refuse mail just because it
> originated
> at a dynamic IP address or even if the IP address is blacklisted as
> spamware-infected (e.g. Spamhaus PBL and XBL). Some blacklists, such as
> SBL,
> contain IP addresses directly controlled or owned by spammers, and in that
> case it makes more sense to block the mail. For example, SpamAssassin
> makes
> this distinction.
>
> I don't think it is advisable to delete tracking information from the
> header.
>
> - --
> Magnus Holmgren        holmgren@???
>                        (No Cc of list mail needed, thanks)

> >
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] will this ACL doRe: [exim] Making Exim does not include IPs of the original sender....->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)