Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Do any of you know how I can fix this RCVD_ILLEGAL_IP spam problem?

Options
  • 08-07-2014 7:20pm
    #1
    Mr. Loverman
    Closed Accounts Posts: 4,001 ✭✭✭


    Hi all

    I hope you can help me.

    My e-mails are getting flagged as spam. (E-mails I send are being flagged as spam on other people's mail servers).

    The problem is this:

    SpamAssassin Score: 3.287
    3.4 RCVD_ILLEGAL_IP Received: contains illegal IP address

    This is the received line in the mail header:
    Received: from [59.61.36.203] (port=5515 helo=MacBook-Air.local)
    by hostago.hostago.com with esmtpsa (TLSv1:DHE-RSA-AES128-SHA:128)
    (Exim 4.82)
    (envelope-from <myemailaddress@myserver.com>)
    id 1X4ZX8-0000Ik-Ep
    for OmgAdKpO2D@www.brandonchecketts.com; Tue, 08 Jul 2014 18:50:26 +0100

    My IP address is 185.24.232.122 and my server's IP address is 5.153.16.74.

    I don't know what 59.61.36.203 is.

    Any ideas?

    Thanks.


Comments

  • Options
    #2
    ressem
    Registered Users Posts: 2,426 ✭✭✭ressem


    A Chinese IP apparently.
    http://bgp.he.net/ip/59.61.36.203

    AS4134 59.60.0.0/15 CHINANET fujian province network

    Is the content of these these mails definitely originating from you and your mail server?
    Might they just be spam from which you are getting bouncebacks. Are you using a macbook air?

    If not, you might need to make sure that your hostago.com mail server doesn't permit anonymous relaying, or change your account password.

    Other possibility is that you have Tor or something comparable on your macbook to anonomize it's internet communication, and your smtp traffic is exiting through another part of the world.


  • Options
    #3
    Mr. Loverman
    Closed Accounts Posts: 4,001 ✭✭✭Mr. Loverman


    Thanks for your reply.

    Yes, I am in China, but I use a VPN for everything.

    Is there any way to turn off this setting in my mail server (exim) or mail software?

    Cheers


  • Options
    #4
    ressem
    Registered Users Posts: 2,426 ✭✭✭ressem


    RCVD_ILLEGAL_IP isn't supposed to be used to restrict questionable source IPs.

    Any chance that it's been customised incorrectly or an old version?

    Sitewide spamassassin changes are made in
    /etc/mail/spamassassin/local.cf

    A rule to downgrade this problem score is 
    score RCVD_ILLEGAL_IP 0

    Though, assuming that you're authenticating to your mail server, the rule 
    whitelist_auth yourname@yourdomain.com
    would be preferable.

    then check for typos. 
    spamassassin --lint
    and if it passes, make active using 
    service spamassassin restart

    And you might want to doublecheck your VPN client, compare to the IP logged with exim and your VPN software / hardware.


Advertisement