Hello,

hoping that adding the sending IP address to the X-Originating-IP: header will
help me fight against spam posted via webmail, it seems I caused more problems
than it was supposed to solve.

mail sent from external IP 192.0.2.1 via webmail on 192.168.0.10, then pushed
to SMTP server 192.168.0.10 (authenticated).

results:
- ALL_TRUSTED doesn't fire because 192.0.2.1 is in X-Originating-IP
- HELO_NO_DOMAIN fires
- RDNS_NONE fires
- both because X-Originating-IP contains no helo/DNS data.

any idea what I could do here, besides disabling X-Originating-IP
generation?

Received: from mail.example.com ([127.0.0.1])
        by localhost (mail.example.com [127.0.0.1]) (amavisd-new, port 10024)
        with LMTP id kEVGzIXBomJ9; Wed, 1 Dec 2021 09:47:49 +0100 (CET)
Received: from mail.example.com (mail.example.com [192.168.0.10])
        by mail.example.com (Postfix) with ESMTPSA id 591781C008E
        for <redacted@gmail.com>; Wed, 1 Dec 2021 09:47:49 +0100 (CET)
User-Agent: Roundcube Webmail/1.3.17
X-Originating-IP: [192.0.2.1]

Dec 1 11:04:48.911 [11167] dbg: metadata: X-Spam-Relays-Trusted: [. ip=127.0.0.1 rdns=localhost helo=localhost by=mail.example.com ident= envfrom= intl=1 id=D0BF51C1B71 auth= msa=0 ] [. ip=127.0.0.1 rdns= helo=mail.example.com by=localhost ident= envfrom= intl=1 id=kEVGzIXBomJ9 auth= msa=0 ] [. ip=192.168.0.10 rdns=mail.example.com helo=mail.example.com by=mail.example.com ident= envfrom= intl=1 id=591781C008E auth=ESMTPSA msa=0 ]
Dec 1 11:04:48.911 [11167] dbg: metadata: X-Spam-Relays-Untrusted: [. ip=192.0.2.1 rdns= helo= by= ident= envfrom= intl=0 id= auth= msa=0 ]
Dec 1 11:04:48.911 [11167] dbg: metadata: X-Spam-Relays-Internal: [. ip=127.0.0.1 rdns=localhost helo=localhost by=mail.example.com ident= envfrom= intl=1 id=D0BF51C1B71 auth= msa=0 ] [. ip=127.0.0.1 rdns= helo=mail.example.com by=localhost ident= envfrom= intl=1 id=kEVGzIXBomJ9 auth= msa=0 ] [. ip=192.168.0.10 rdns=mail.example.com helo=mail.example.com by=mail.example.com ident= envfrom= intl=1 id=591781C008E auth=ESMTPSA msa=0 ]
Dec 1 11:04:48.911 [11167] dbg: metadata: X-Spam-Relays-External: [. ip=192.0.2.1 rdns= helo= by= ident= envfrom= intl=0 id= auth= msa=0 ]
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was a Windows 95 beta test site.
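
An added example (not part of the original post, and not SpamAssassin code): a small parser for the X-Spam-Relays-* debug lines quoted above that flags relay entries carrying only an ip=, like the one built from X-Originating-IP. The function names and the "no by=/id=/helo=/rdns=" heuristic are assumptions made for this illustration.

```python
import re

# Debug lines copied from the post above (SpamAssassin debug output).
SAMPLE_DEBUG = """\
Dec 1 11:04:48.911 [11167] dbg: metadata: X-Spam-Relays-Trusted: [. ip=127.0.0.1 rdns=localhost helo=localhost by=mail.example.com ident= envfrom= intl=1 id=D0BF51C1B71 auth= msa=0 ] [. ip=127.0.0.1 rdns= helo=mail.example.com by=localhost ident= envfrom= intl=1 id=kEVGzIXBomJ9 auth= msa=0 ] [. ip=192.168.0.10 rdns=mail.example.com helo=mail.example.com by=mail.example.com ident= envfrom= intl=1 id=591781C008E auth=ESMTPSA msa=0 ]
Dec 1 11:04:48.911 [11167] dbg: metadata: X-Spam-Relays-Untrusted: [. ip=192.0.2.1 rdns= helo= by= ident= envfrom= intl=0 id= auth= msa=0 ]
"""

LINE_RE = re.compile(r"X-Spam-Relays-(\w+):\s*(.*)")
ENTRY_RE = re.compile(r"\[([^\]]*)\]")   # one "[ ... ]" group per relay hop
FIELD_RE = re.compile(r"(\w+)=(\S*)")    # key=value; the value may be empty


def parse_relays(debug_text):
    """Return {list_name: [relay_dict, ...]} from X-Spam-Relays-* debug lines."""
    relays = {}
    for line in debug_text.splitlines():
        match = LINE_RE.search(line)
        if not match:
            continue
        name, body = match.groups()
        relays[name] = [dict(FIELD_RE.findall(entry))
                        for entry in ENTRY_RE.findall(body)]
    return relays


def is_header_derived(relay):
    """Heuristic (assumption): the hops parsed from Received lines in the post
    all carry by= and id=; an entry with an ip but no by/id/helo/rdns looks
    like it came from an IP-only header such as X-Originating-IP."""
    has_hop_data = any(relay.get(k) for k in ("by", "id", "helo", "rdns"))
    return bool(relay.get("ip")) and not has_hop_data


def header_derived_relays(relays):
    """List (relay_list_name, ip) for every entry that carries only an IP."""
    return [(name, hop["ip"])
            for name, hops in relays.items()
            for hop in hops if is_header_derived(hop)]


if __name__ == "__main__":
    parsed = parse_relays(SAMPLE_DEBUG)
    for name, ip in header_derived_relays(parsed):
        print(f"{name}: {ip} has no helo/rdns/by/id, so it is not a real SMTP hop")
```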