Solved

HIde local IP when relaying by Exim

Posted on 2009-05-06
3
1,213 Views
Last Modified: 2013-12-02
Our company Exchange uses external server with Exim  ( the reason is that the local one has dynamic IP and it is being rejected by some spam filters )
But it looks like some spam filter rejects it now because i finds the local IP address somewhere in headers.
How can we install Exim that it does not relay IP addres of the local sender?

Thank  you.
0
Comment
Question by:APRESTOUS
3 Comments
 
LVL 36

Assisted Solution

by:Jian An Lim
Jian An Lim earned 150 total points
ID: 24320803
the local IP address is definitely show in regardless which service provider you move to.

but a proper spam filter will not reject based on the local IP address found in headers.

only the last received IP address will be shown.



if u got a reject email and show to me, i don think exim can help you much.


my client had the same problem that they have been rejected y some spam filter but after moving to mailguard (like yours to exim) we don have such issue any more.
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 200 total points
ID: 24321233
The simple address is you can't. Exim can't help you with that. It adds its own address to the so called "Envelope" part of the e-mail as it receives mail for relay. Even MSN.com or Google uses this kinf of information in their mail headers so I don't think you are not simply rejected because you have an intrnet address in the envelope part of your message.

To reduce the chance of rejection to your e-mails you might consider:
- Adding reverse lookup zone to your nameservers so that the receiver can resolve your SMTP hub IP back to your address.
- Indicate all your external mail hubs in your zone's MX records.
- If they are not located in your sender domain (This happens when you use an ISP to relay your mail instead of directly distributing it) you might try to add a spf TXT record indicatin all possible mail senders from your domains.
- Check if you are listed in any of the SPAM Blacklists, Dynamic address Blacklists etc. You can check your IP address against lots of blacklists here:
http://www.mxtoolbox.com/blacklists.aspx

As you see most f the solutions I suggests are not based on your SMTP server!  Geenrally most problems are a result of poor DNS configuration or misconfigured SMTP server causing SPAM or trojan infected coputers behinfd a NAT gateway sharing your SMTP address. Use this link to check about your domain and configuration:
http://www.intodns.com/


0
 
LVL 20

Assisted Solution

by:Daniel McAllister
Daniel McAllister earned 150 total points
ID: 24682772
This question is stale, but allow me to add my 2-cents worth: Your premise that a local (RFC 1918) IP address in the mail header is causing your message to be rejected as SPAM is not correct. In fact, with the exception of web-mail servers, nearly ALL mail messages have a LAN IP address in their header -- the LAN IP address of the original PC that sent the message to begin with.

Secondly, your idea of "stripping out" header information is a violation of the SMTP standard, so is not likely to be easily implemented... which is NOT to say it cannot be done! SPAMMers do it all the time! It's just that "white-hat" developers aren't likely to implement it because of its obvious "black-hat" uses.

I agree with KeremE above -- use the tools available at mxtoolbox.com to try to discover what may be causing the blocking... I also often find it useful to call & ask the receiving postmaster what their system is reporting as the reason for the rejection. In addition to the BlackLists (that can be checked in mxtoolbox.com's lookup), the most common reasons I find are:
 1) No reverse-IP lookup (or one that is a "generic" or "dynamic" one
 2) SPF records that are NOT entered correctly
 3) DomainKeys or DKIM signatures that are similarly not coded correctly

In any case, this question has been nearly abandoned, and APRESTOUS should award points to anyone who helped him (or her) to resolve the issue (or should post an update here if more help is needed).

I hope this helps!

Dan
IT4SOHO
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now