bhieb
asked on
Email being blocked
Ok so this one is a bit weird. We use a product called Websense for our filtering. It has several layers of checks. The first of which is a connection check. If a reverse DNS check fails for example the connection is denied and all that is logged is the IP and the reason.
If the connection is made then it hits a rule service and logs accordingly, at this point you can whitelist by domain.
I have an exec that is receiving emails from a gmail user when that user sends from his phone. But if the same address sends from his house it is not logged at the rule service. Which tells me it is blocked at the connection level.
So what I need is a way to find out what IP is being stamped on the email being sent from his home. So that I can whitelist that IP at the connection level.
This is really confusing since I though all @gmail.com addresses would originate from a gmail server, but evidently the one sent from his home is doing someting wonky. As such the filter assumes it is a spoofed gmail server, and denies the connection.
How can I find out what the IP was of an email chain forwarded to me. If I can find out what IP his home is sending as I can whitelist it.
If the connection is made then it hits a rule service and logs accordingly, at this point you can whitelist by domain.
I have an exec that is receiving emails from a gmail user when that user sends from his phone. But if the same address sends from his house it is not logged at the rule service. Which tells me it is blocked at the connection level.
So what I need is a way to find out what IP is being stamped on the email being sent from his home. So that I can whitelist that IP at the connection level.
This is really confusing since I though all @gmail.com addresses would originate from a gmail server, but evidently the one sent from his home is doing someting wonky. As such the filter assumes it is a spoofed gmail server, and denies the connection.
How can I find out what the IP was of an email chain forwarded to me. If I can find out what IP his home is sending as I can whitelist it.
ASKER
It is there I'm sure, but so are literally hundreds if not thousands of others per hour. Since no content is logged at connection, I don't have any way to tell which of those hundreds are his. In other words I cannot search by sender address because nothing has been logged yet, since the connection is refused. All I have are time/date and IP, and it just isn't enough.
So can I find it from the email, is it in a header or something?
So can I find it from the email, is it in a header or something?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Is it possible that Gmail uses different servers for smartphone email and internet mail? If so, then that would explain the IP address filtering issue.
The mobile phone network is a separate entity to the terrestrial networks that your user's home computer uses, though of course they are interconnected..
The mobile phone network is a separate entity to the terrestrial networks that your user's home computer uses, though of course they are interconnected..
ASKER
Pera...That may be the case, but I normally have no issues from other gmail users at home or mobile.
Sodea..I'll reach out to him and try that. Have him send both to my gmail, and trace it that way.
Thanks!
Sodea..I'll reach out to him and try that. Have him send both to my gmail, and trace it that way.
Thanks!
You may have to turn logging on and have him try to resend from home though if it isn't active yet.