Hiding client IP

Maniak

Maniak

Verified User
Joined
Aug 25, 2004
Messages
208
Location
Switzerland
Hello,

I have a small trouble with a special subject.

We have seen that the provider of one of person of the staff has is IP address blacklisted by the mosty famous RBL DB.

Of course, we do not support spam! But we wrote to the abuse mail of the provider to ask to keep an eye on this, but the company seems to interested to move even the smallest finger.

We decided to setup our own solution, but then where to start with that?

The actual situation is :

[Client email] > [Exim on our server] > [Server of the recipient] > [mailbox of the recipient].

The only problem is that sometimes it's and in fact early all the time :

[Client email] > [Exim on our server] > [Spam ISP filter] > [TRASH] and we cannot reach the [mailbox of the recipient].

Is it a way for the CIDR of this person to ask exim to retag the header of the mail?

Thank you all.
 
I'm very confused because if the email is coming from your server no properly configured server should drop it unless it's your server's IP that's blocklisted.

Can you change the headers on mail going through your server?

Yes. It's against the RFCs, but you can certainly learn how to manage exim well enough to do it.

However the right way to solve the problem is:

First make sure your server isn't in any blocklists. If it is, get that problem fixed.

Then if the ISP is still blocking your server, ask them why.

Jeff
 
Hello,

> I'm very confused because if the email is coming from your server no properly configured server should drop it unless it's your server's IP that's blocklisted.

- No, the server is not blacklisted.

The provider of one of the staff is FastWeb , in Italy.

Fastweb offer FTTH through a LAN, and all customers get connected to internet through a NAT system.

Unfortunately, the block of this ISP is blacklisted, and when he send a mail is tagged early like this :

--
X-Spam-Status: Yes, hits=13.456 required=7 scantime="6.1853 seconds" tests=BAYES_50,FR_NOM_DOMAINE,RBL_COMBO_F_2,
RCVD_IN_CBL_SPAM,RCVD_IN_MST_SPAM,RCVD_IN_PSBL_SPAM,
RCVD_IN_SORBS_WEB,SPAMTRAP_COMBO_3,SPF_PASS
X-Spam-Report: ---- Start der SpamAssassin Auswertung
-0.1 SPF_PASS SPF: sender matches SPF record
0.5 FR_NOM_DOMAINE BODY: Domain name, in French.
-1.5 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
[score: 0.5000]
2.5 RCVD_IN_PSBL_SPAM RBL: Listed in psbl.surriel.com
[213.156.xx.xxx listed in psbl.surriel.com]
1.5 RCVD_IN_SORBS_WEB RBL: SORBS: sender is a abuseable web server
[213.156.xx.xxx listed in dnsbl.sorbs.net]
1.1 RCVD_IN_MST_SPAM RBL: Listed in rmst.dnsbl.net.au
[213.156.xx.xxx listed in rmst.dnsbl.net.au]
1.5 RCVD_IN_CBL_SPAM RBL: Listed in cbl.abuseat.org
[213.156.xx.xxx listed in cbl.abuseat.org]
5.0 SPAMTRAP_COMBO_3 Mails have been sent to different spamtraps.
3.0 RBL_COMBO_F_2 Blacklist Combo F (2)
--

The ISP does not answer and they will certainly not move the finger for this.

What can we do to allow this user to send email with the server without beeing flagged as spammer?

Thanks !
 
Your server can accept email from your user as an authenticated sender, hopefully on the autenticated sender port.

Then your user can send the email out through your user. And as long as your IP# isn't blocked, anyone should accept his email.

Any server that blocks mail from your server because a prior server in the chain is blocked is (a) seriously misconfigured, and (b) rejecting email at data time, or accepting it and then bouncing it.

Jeff
 
Hello,

To be really clear I would like exim to change the headers of the mail send by 127.0.0.1 to 192.168.0.1

How can I do? I was looking around with :

headers_rewrite = 127.0.0.1 192.168.0.1 e

but it does not seems to be the way.
 
I don't understand. Since neither of those are public IP#s, exim running on a DA server shouldn't be sending email from them.

Jeff
 
jlasman said:
I don't understand. Since neither of those are public IP#s, exim running on a DA server shouldn't be sending email from them.

Jeff
Click to expand...

It was just an example of IPs, the real ip will be adapted.
 
You must log in or register to reply here.
Back
Top