Solved

HIde local IP when relaying by Exim

Posted on 2009-05-06
3
1,286 Views
Last Modified: 2013-12-02
Our company Exchange uses external server with Exim  ( the reason is that the local one has dynamic IP and it is being rejected by some spam filters )
But it looks like some spam filter rejects it now because i finds the local IP address somewhere in headers.
How can we install Exim that it does not relay IP addres of the local sender?

Thank  you.
0
Comment
Question by:APRESTOUS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 37

Assisted Solution

by:Jian An Lim
Jian An Lim earned 150 total points
ID: 24320803
the local IP address is definitely show in regardless which service provider you move to.

but a proper spam filter will not reject based on the local IP address found in headers.

only the last received IP address will be shown.



if u got a reject email and show to me, i don think exim can help you much.


my client had the same problem that they have been rejected y some spam filter but after moving to mailguard (like yours to exim) we don have such issue any more.
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 200 total points
ID: 24321233
The simple address is you can't. Exim can't help you with that. It adds its own address to the so called "Envelope" part of the e-mail as it receives mail for relay. Even MSN.com or Google uses this kinf of information in their mail headers so I don't think you are not simply rejected because you have an intrnet address in the envelope part of your message.

To reduce the chance of rejection to your e-mails you might consider:
- Adding reverse lookup zone to your nameservers so that the receiver can resolve your SMTP hub IP back to your address.
- Indicate all your external mail hubs in your zone's MX records.
- If they are not located in your sender domain (This happens when you use an ISP to relay your mail instead of directly distributing it) you might try to add a spf TXT record indicatin all possible mail senders from your domains.
- Check if you are listed in any of the SPAM Blacklists, Dynamic address Blacklists etc. You can check your IP address against lots of blacklists here:
http://www.mxtoolbox.com/blacklists.aspx

As you see most f the solutions I suggests are not based on your SMTP server!  Geenrally most problems are a result of poor DNS configuration or misconfigured SMTP server causing SPAM or trojan infected coputers behinfd a NAT gateway sharing your SMTP address. Use this link to check about your domain and configuration:
http://www.intodns.com/


0
 
LVL 20

Assisted Solution

by:Daniel McAllister
Daniel McAllister earned 150 total points
ID: 24682772
This question is stale, but allow me to add my 2-cents worth: Your premise that a local (RFC 1918) IP address in the mail header is causing your message to be rejected as SPAM is not correct. In fact, with the exception of web-mail servers, nearly ALL mail messages have a LAN IP address in their header -- the LAN IP address of the original PC that sent the message to begin with.

Secondly, your idea of "stripping out" header information is a violation of the SMTP standard, so is not likely to be easily implemented... which is NOT to say it cannot be done! SPAMMers do it all the time! It's just that "white-hat" developers aren't likely to implement it because of its obvious "black-hat" uses.

I agree with KeremE above -- use the tools available at mxtoolbox.com to try to discover what may be causing the blocking... I also often find it useful to call & ask the receiving postmaster what their system is reporting as the reason for the rejection. In addition to the BlackLists (that can be checked in mxtoolbox.com's lookup), the most common reasons I find are:
 1) No reverse-IP lookup (or one that is a "generic" or "dynamic" one
 2) SPF records that are NOT entered correctly
 3) DomainKeys or DKIM signatures that are similarly not coded correctly

In any case, this question has been nearly abandoned, and APRESTOUS should award points to anyone who helped him (or her) to resolve the issue (or should post an update here if more help is needed).

I hope this helps!

Dan
IT4SOHO
0

Featured Post

Certified OpenStack Administrator Course

We just refreshed our COA course based on the Newton exam.  With 14 labs, this course goes over the different OpenStack services that are part of the certification: Dashboard, Identity Service, Image Service, Networking, Compute, Object Storage, Block Storage, and Orchestration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question