My apologies. Email headers are attached this time.
-Nick
From: Nicholas Hickman
Sent: Wednesday, December 21, 2011 3:46 PM
To: ASSP development mailing list ([email protected])
Subject: DenyStrict from invalid header IP
I am trying to troubleshoot an issue that cropped up something yesterday.
In my log:
Dec-21-11 13:49:06 m1-93345-13423 [DenyStrict] 131.64.100.11
<[email protected] <mailto:[email protected]%20> > to: dest_user @xxx.com
(OIP: 2.11.145.149) blocked by denySMTPConnections or droplist strict: 2.0.0.0/8
Dec-21-11 14:02:08 m1-94127-00531 [DenyStrict] 131.64.100.6
<[email protected]<mailto:[email protected]>> to:
[email protected]<mailto:[email protected]> (OIP: 1.211.145.134) blocked by
denySMTPConnections or droplist strict: 1.0.0.0/8
I have attached redacted email headers for these messages.
Is this a problem with the sources email servers by using invalid internal
IP's? Until I can figure out why, I have switched DoDenySMTPstrict to monitor
and disabled DoDropList.
Thanks,
Nick
Email1
X-Assp-Version: 2.1.2(11354) on mf1.dtechlabs.com
X-Assp-Whitelisted: Yes
X-Assp-Tag: DenyStrict
X-Assp-ID: mx1.xxx.com m1-93345-13423
X-Assp-Detected-RIP: 131.64.77.10, 2.11.145.149, 131.64.100.153
X-Assp-Source-IP: 131.64.77.10
X-Assp-Spam-Reason: (OIP: 2.11.145.149) blocked by denySMTPConnections
strict '2.0.0.0/8'
X-Assp-Message-Totalscore: 0
Received: from edge-cols.mail.mil ([131.64.100.11] helo=edge-cols.mail.mil)
by mx1.xxx.com with ESMTP (2.1.2); 21 Dec 2011 13:49:05 -0500
Received: from UCOLHP3N.easf.csd.disa.mil (131.64.100.153) by
ucolhp3l.easf.csd.disa.mil (131.64.100.11) with Microsoft SMTP Server (TLS)
id 14.1.323.3; Mon, 19 Dec 2011 15:30:22 -0600
Received: from UCOLHP4F.easf.csd.disa.mil ([169.254.8.87]) by
UCOLHP3N.easf.csd.disa.mil ([2.11.145.149]) with mapi id 14.01.0323.003; Mon,
19 Dec 2011 15:30:20 -0600
Email2
X-Assp-Version: 2.1.2(11354) on mf1.dtechlabs.com
X-Assp-Whitelisted: Yes
X-Assp-Tag: DenyStrict
X-Assp-ID: mx1.xxx.com m1-94127-00531
X-Assp-Detected-RIP: 131.64.77.8, 1.211.145.134, 131.64.100.146
X-Assp-Source-IP: 131.64.77.8
X-Assp-Spam-Reason: (OIP: 1.211.145.134) blocked by denySMTPConnections
strict '1.0.0.0/8'
X-Assp-Message-Totalscore: 0
Received: from edge-cols.mail.mil ([131.64.100.6] helo=edge-cols.mail.mil)
by mx1.xxx.com with ESMTP (2.1.2); 21 Dec 2011 14:02:07 -0500
Received: from UCOLHP3G.easf.csd.disa.mil (131.64.100.146) by
UCOLHP4Z.easf.csd.disa.mil (131.64.100.6) with Microsoft SMTP Server (TLS) id
14.1.323.3; Wed, 21 Dec 2011 12:57:55 -0600
Received: from UCOLHP4F.easf.csd.disa.mil ([169.254.8.87]) by
UCOLHP3G.easf.csd.disa.mil ([1.211.145.134]) with mapi id 14.01.0339.001;
Wed, 21 Dec 2011 12:57:54 -0600------------------------------------------------------------------------------
Write once. Port to many.
Get the SDK and tools to simplify cross-platform app development. Create
new or port existing apps to sell to consumers worldwide. Explore the
Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join
http://p.sf.net/sfu/intel-appdev
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
