Byteplant Forum

Home » CleanMail Support » CleanMail Server Talk » Received IP address
Received IP address [message #1494] Thu, 31 August 2006 14:55
KurtSch
Messages: 4
Registered: August 2006
Junior Member
Hi

NST receives the correct IP address from the sender but transforms it to the servers IP address (mostly 192.168.1.x) before transferring the mail to the mail-server. Why do you do that?`

Is it not useful to keep the senders address because NST works like a proxy and not like a MTA.

In my mail-server i have additional antispam-tests based on the ip-address which i cannot use at the moment.

Thanks for your answer
KurtSch

BTW: Grosses Kompliment für die tolle Software, endlich eine Lösung, die fast alle Spams herausfiltert. Ich hatte eine handgestrickte Lösung mit Spamassassin, aber eure Lösung ist besser.

Re: Received IP address [message #1495 is a reply to message #1494] Sat, 09 September 2006 11:46 Go to previous message
KurtSch
Messages: 4
Registered: August 2006
Junior Member
Hi

I just wanted to ask when i can expect an answer for my question.

why do you forward the NST servers IP instead of the received IP in the header? i would be happy to have the received IP address in my mail-server because i do some additional testing.

Thanks
KurtSch
Re: Received IP address [message #1496 is a reply to message #1495] Tue, 12 September 2006 09:27 Go to previous message
support
Messages: 919
Registered: April 2004
Senior Member
> I just wanted to ask when i can expect an answer for my
> question.
>
> why do you forward the NST servers IP instead of the received
> IP in the header? i would be happy to have the received IP
> address in my mail-server because i do some additional testing.

With NST running in front of your mail server, you have this setup:
Sender MTA ---> NST ---> Receiver MTA (your mail server)
This means that your mail server actually talks to NST and not to
the sending MTA directly.



Customer Support
Byteplant GmbH
Re: Received IP address [message #1497 is a reply to message #1496] Tue, 19 September 2006 23:01 Go to previous message
KurtSch
Messages: 4
Registered: August 2006
Junior Member
Hi

I agree with you if NST is a mailserver. But it is not, it is more a proxy than a server and a proxy can be hidden between both MTAs.

So please think about the option to transfer the senders IP to the mailserver instead of replacing it with NSTs IP address.

Thanks
KurtSch
Re: Received IP address [message #1498 is a reply to message #1494] Fri, 10 November 2006 01:04 Go to previous message
gtojon
Messages: 13
Registered: November 2006
Junior Member
I would like the option of passing the real IP to the Mail server!!!! All my DNS balcklists are worthlees to my customers that don't pay for the NST filter!!!! Maybe NST & MailEnable can reach an agreement??? Be nice to have an answer!!!! Many threads on this forum go unanswered & their really is no KB!! Happy answer is to look at SpamAssassin for answers!



Jon S.
Re: Received IP address [message #1499 is a reply to message #1498] Fri, 10 November 2006 06:07 Go to previous message
Heidner
Messages: 121
Registered: February 2005
Senior Member
FWIW, Not including the ip address for the NST proxy server might be construed as not being RFC compliant. Specifically RFC 2505, section 2. 2)

" 2) MUST be able to provide "Received:" lines with enough
information to make it possible to trace the mail path, despite
spammers use forged host names in HELO statements etc."

In part since NST is only a proxy server -- the mail could potentially travel through several more MTA's within an organizations mail servers before actually getting to the receipient.

"2.2.1. Direct MTA-to-MTA connections

Internet mail was designed such that the sending host connects
directly to the recipient as described by MX records (there may be
several MX hosts on a priority list). To assure traceability back to
the sending host (which may be a firewall/gateway, as described
later) each MTA along the path, including the final MTA, MUST prepend
a "Received:" line. For such a "Received:" line we have:

It MUST contain:

o The IP address of the caller.

o The 'date-time' as described in RFC822, [2], pp 18."

... more ... in RFC ... but dropped to make this short

Since NST is receiving the mail from the external MTA and reporting the NST host IP address - back to the sender -- you really need to have NST prepending its IP address on incoming mail -- so that if you need to work with the external mailers about mail problems -- there is a way to connect the two hosts.

You are correct in that message gateways do not necessarily (per RFC) need to prepend their IP address... but at the same time -- even in my small network... I have other MTA's that send mail into my exchange server - without going through NST. Because NST prepends the host IP to the e-mail it is easy to determine the route of the incoming mail... be it through NST or from another mail server within the network to my exchange server...

In larger enterprises - it is very common to have multiple e-mail points of presence on the internet that then feed into internal mailservers that synch up. If there is a problem with spam filtering -- you would need to know which filtering agent (NST) is has a configuration problem so you can fix it. Another example of why prepending the IP would be important.
Re: Received IP address [message #1500 is a reply to message #1494] Fri, 10 November 2006 06:36 Go to previous message
gtojon
Messages: 13
Registered: November 2006
Junior Member
Is there any way to divert communication directly to the Mail Server Port for unlicensed user emails? Sorry if I am not understanding this more! I know that I have gained a lot by using NST.....it truly is a great front end for SpamAssassin. It just hurts a little when we lose all control after NST forwards it.



Jon S.
Re: Received IP address [message #1501 is a reply to message #1494] Sat, 11 November 2006 01:19 Go to previous message
Heidner
Messages: 121
Registered: February 2005
Senior Member
In the e-mails I've checked -- the senders domain is the first line...

"Received: from mx11.ezinedirector.net (the-nt.xyz.net [192.168.31.1]) by the-nt.xyz.net with SMTP (Microsoft Exchange Internet Mail Service Version 123.123)
id WT6C5HA7; Fri, 10 Nov 2006 14:55:35 -0800"

While it isn't the IP...the domain is there... and MailEnable should be able to check to see if "mx11.ezinedirector.net" is on a blocklist.

Or is MailEnable seeing only the IP address of the NST host? And not the original sender?

A short example would make it clearer...


But it also sounds like you want a feature added in a future version of NST so you can specify the e-mail addresses that should be sent through without checking and modification...



Post Edited (11-11-06 01:26)
Re: Received IP address [message #1502 is a reply to message #1501] Sat, 11 November 2006 05:21 Go to previous message
gtojon
Messages: 13
Registered: November 2006
Junior Member
That would be a great feature!!

Thanks!



Jon S.
Previous Topic: Can tagged spam be sent to another mailbox
Next Topic: Blocked File
Goto Forum:
  


Current Time: Sat Dec 03 07:42:24 CET 2016