Extreme headache from ASSP Extreme Ban

Posted by Chase Florell on Server Fault
Published on 2012-12-05T03:17:15Z Indexed on 2012/12/05 5:09 UTC

I've got a local user on my server that as of today cannot send email from any of their devices. Only Webmail (which doesn't touch any of their devices) works.

Here are the various email failures I'm receiving in the logs.

Dec-04-12 19:52:47 75966-05166 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [Test];
Dec-04-12 19:52:47 75966-05166 [Extreme] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- score for 111.111.111.111 is 1980, surpassing extreme level of 500 -- [Test] -> spam/Test__1.eml;
Dec-04-12 19:52:48 75968-05169 111.111.111.111 <[email protected]> to: [email protected] [scoring:10] -- IP in HELO does not match connection: '[192.168.0.10]' -- [Re Demo Feedbacks for End of November Sales];
Dec-04-12 19:52:48 75968-05169 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [Re Demo Feedbacks for End of November Sales];
Dec-04-12 19:52:48 75968-05169 [Extreme] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- score for 111.111.111.111 is 2020, surpassing extreme level of 500 -- [Re Demo Feedbacks for End of November Sales] ->spam/Re_Demo_Feedbacks_for_End_of_N__2.eml;
Dec-04-12 19:52:57 75977-05179 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [test];
Dec-04-12 19:52:57 75977-05179 [Extreme] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- score for 111.111.111.111 is 2040, surpassing extreme level of 500 -- [test] -> spam/test__3.eml;

…………….

Dec-04-12 19:55:35 76135-05338 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [test];
Dec-04-12 19:55:35 76135-05338 [MsgID] 111.111.111.111 <[email protected]> to: [email protected] [scoring] (Message-ID not valid: 'E8472A91545B44FBAE413F6D8760C7C3@bts');
Dec-04-12 19:55:35 76135-05338 [InvalidHELO] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- Invalid HELO: 'bts' -- [test] -> discarded/test__4.eml;

Note: 111.111.111.111 is a replacement for the user's home IP address.

Here are the headers of one of the messages:

X-Assp-Score: 10 (HELO contains IP: '[192.168.0.10]')
X-Assp-Score: 10 (IP in HELO does not match connection: '[192.168.0.10]')
X-Assp-Score: 20 (No Spoofing Allowed)
X-Assp-Score: 10 (bombSubjectRe: 'sale')
X-Assp-Score: 20 (blacklisted HELO '[192.168.0.10]')
X-Assp-Score: 45 (DNSBLcache: failed, 111.111.111.111 listed in safe.dnsbl.sorbs.net)
X-Assp-DNSBLcache: failed, 174.0.35.31 listed in safe.dnsbl.sorbs.net
X-Assp-Received-SPF: fail (cache) ip=174.0.35.31 [email protected]
    helo=[192.168.0.10]
X-Assp-Score: 10 (SPF fail)
X-Assp-Envelope-From: [email protected]
X-Assp-Intended-For: [email protected]
X-Assp-Version: 1.7.5.7(1.0.07) on ASSP.nospam
X-Assp-ID: ASSP.nospam (77953-07232)
X-Assp-Spam: YES
X-Assp-Original-Subject: Re: Demo Feedbacks for End of November Sales
X-Spam-Status:yes
X-Assp-Spam-Reason: MessageScore (125) over limit (50)
X-Assp-Message-Totalscore: 125
Received: from [192.168.0.10] ([111.111.111.111] helo=[192.168.0.10]) with
    IPv4:25 by ASSP.nospam; 4 Dec 2012 20:25:52 -0700
Content-Type: multipart/alternative; boundary=Apple-Mail-40FE7453-4BE7-4AD6-B297-FB81DAA554EC
Content-Transfer-Encoding: 7bit
Subject: Re: Demo Feedbacks for End of November Sales
References: <003c01cdd22e$eafbc6f0$c0f354d0$@com>
From: Some User <[email protected]>
In-Reply-To: <003c01cdd22e$eafbc6f0$c0f354d0$@com>
Message-Id: <[email protected]>
Date: Tue, 4 Dec 2012 19:32:28 -0700
To: External User <[email protected]>
Mime-Version: 1.0 (1.0)
X-Mailer: iPhone Mail (10A523)

Why is it that a local sender has been banned on our local server, and how can I fix this?
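
The X-Assp-Score headers quoted in the question can be tallied to see which checks pushed the message over the limit. The following is an added example, not part of the original post or of ASSP itself; it uses only header lines quoted above (addresses omitted), and the function names are hypothetical.

```python
import re

# Header lines copied from the post above (sender/recipient addresses omitted).
SAMPLE_HEADERS = """\
X-Assp-Score: 10 (HELO contains IP: '[192.168.0.10]')
X-Assp-Score: 10 (IP in HELO does not match connection: '[192.168.0.10]')
X-Assp-Score: 20 (No Spoofing Allowed)
X-Assp-Score: 10 (bombSubjectRe: 'sale')
X-Assp-Score: 20 (blacklisted HELO '[192.168.0.10]')
X-Assp-Score: 45 (DNSBLcache: failed, 111.111.111.111 listed in safe.dnsbl.sorbs.net)
X-Assp-Received-SPF: fail (cache) ip=174.0.35.31
    helo=[192.168.0.10]
X-Assp-Score: 10 (SPF fail)
X-Assp-Spam-Reason: MessageScore (125) over limit (50)
X-Assp-Message-Totalscore: 125
"""

SCORE_RE = re.compile(r"^(-?\d+)\s*\((.*)\)\s*$")
LIMIT_RE = re.compile(r"MessageScore \((\d+)\) over limit \((\d+)\)")

def parse_headers(raw):
    """Split raw headers into [name, value] pairs, joining folded lines."""
    headers = []
    for line in raw.splitlines():
        if line[:1] in (" ", "\t") and headers:
            headers[-1][1] += " " + line.strip()   # continuation of previous header
        elif ":" in line:
            name, value = line.split(":", 1)
            headers.append([name.strip().lower(), value.strip()])
    return headers

def score_breakdown(raw):
    """Collect every X-Assp-Score entry and compare the sum with the reported limit."""
    hits, reported, limit = [], None, None
    for name, value in parse_headers(raw):
        if name == "x-assp-score" and (m := SCORE_RE.match(value)):
            hits.append((int(m.group(1)), m.group(2)))
        elif name == "x-assp-spam-reason" and (m := LIMIT_RE.search(value)):
            reported, limit = int(m.group(1)), int(m.group(2))
    hits.sort(key=lambda h: -h[0])                  # largest contributor first
    helo = sum(p for p, reason in hits if "helo" in reason.lower())
    return {"hits": hits, "total": sum(p for p, _ in hits),
            "reported": reported, "limit": limit, "helo_points": helo}

if __name__ == "__main__":
    r = score_breakdown(SAMPLE_HEADERS)
    for points, reason in r["hits"]:
        print(f"{points:>4}  {reason}")
    print(f"sum={r['total']} reported={r['reported']} limit={r['limit']} "
          f"HELO-related={r['helo_points']}")
```

For the quoted headers the seven entries sum to 125, matching X-Assp-Message-Totalscore, and the three HELO-related entries account for 40 of those points.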
