Re: [exim] Making Exim does not include IPs of the original …

Top Page
Delete this message
Reply to this message
Author: Marcin Krol
Date:  
To: exim users
Subject: Re: [exim] Making Exim does not include IPs of the original sender....
Magnus Holmgren pisze:
> On Thursday 13 September 2007 19:47, Alejandro Lengua wrote:
> > Most dynamic IPs from ADSL providers are in blacklists, therefore
> when they
> > send
> > emails from my email server, their emails are bounced even if my mail
> > server is not blacklisted.
> > Is there a way to make EXIM, not include the original IP of the sender?
>
> It might be helpful if you could provide a couple of examples of such
> emails.


I've had such a case today:

>From : spbs xxx@???>


To     : zzz@???>



X-Spam-Report:

        * -0.0 HELO_EQ_DE HELO_EQ_DE


        *  0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails


        *  0.1 HTML_90_100 BODY: Message is 90% to 100% HTML


        *  0.0 HTML_MESSAGE BODY: HTML included in message


        *  0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%


        *      [score: 0.5123]


        *  0.2 HTML_TITLE_EMPTY BODY: HTML title contains no text


        *  1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net


        *      [Blocked - see <http://www.spamcop.net/bl.shtml?213.158.196.99>]


        *  3.2 RCVD_IN_XBL RBL: Received via a relay in Exploits Block List


        *      [<http://www.spamhaus.org/query/bl?ip=213.158.196.99>]



The user in question is not a spammer, she sent mail from 213.158.196.99 (smtp client) via clean MX hosted by us (mail.spbs.pl), and yet the mail was rejected bc the today she got dynamic IP that happens to have been blocked by Spamcop in the past week.


> If your mail server seems credible and the recipients' mail servers are
> configured correctly, they should not refuse mail just because it
> originated
> at a dynamic IP address or even if the IP address is blacklisted as
> spamware-infected (e.g. Spamhaus PBL and XBL).


Sure. Except some mailservers are configured precisely in this way.
Incl. leukaemie-online.de
> Some blacklists, such as SBL,
> contain IP addresses directly controlled or owned by spammers, and in
> that
> case it makes more sense to block the mail. For example, SpamAssassin
> makes
> this distinction.
> I don't think it is advisable to delete tracking information from the
> header.


It definitely isn't a very nice thing (plus it defies RFCs I think), but
what can I do with this user except deleting Received: line with the bad
IP from their mail?


--
Marcin Król