The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bad Headers

Discussion in 'General Discussion' started by Salman75, Dec 27, 2005.

  1. Salman75

    Salman75 Well-Known Member

    Joined:
    Jan 20, 2004
    Messages:
    102
    Likes Received:
    0
    Trophy Points:
    16
    I have been getting a lot of spam reports from AOL lately and was confused by the headers. So I did a simple experiment. Here goes:

    1. Login to cPanel and create a forwarder to an outside domain. I used a Yahoo email address. So you have email@cpaneldomain.com forwards to email@yahoo.com

    2. Then i log into my hotmail account and sent an email to email@cpaneldomain.com which was then forwarded by the server to my yahoo account.

    3. Login to the Yahoo account and retrieve this email.

    4. Copy and paste ALL the headers into http://www.spamcop.com/

    You will be surprised to learn that SPAMCOP reported the message as origination from the CPANEL server, not hotmail.

    AOL is also using the same reporting technology. How is this possible????

    The message did not originate from the cPanel server, so how is it responsible for this message?

    AOL has blocked a few of our servers for this exact cause ... and it isn’t even our fault :mad:
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
  3. Salman75

    Salman75 Well-Known Member

    Joined:
    Jan 20, 2004
    Messages:
    102
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for the reply.

    Already doing that but AOL will remove the whitelist status as soon as a few more spam reports come in. Dealing with AOL, thats no easy issue either.

    But why and how do spamcop and aol see the message coming from our server rather than yahoo, hotmail or some other free service?

    The following headers were added to the forwarded emails:

    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - host122.cpaneldomain.com
    X-AntiAbuse: Original Domain - cpaneldomain.com
    X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12]
    X-AntiAbuse: Sender Address Domain - hotmail.com

    Makes no sense :confused:
     
  4. RizyDeWino

    RizyDeWino Well-Known Member

    Joined:
    Aug 1, 2005
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Planet Earth
    Simply because the forwarders are setup at your server . The mail is not sent TO email@cpaneldomain.com and CC email@aol.com from some email account. It is only sent TO email@cpaneldomain.com and when it reaches at your server , your mail server checks that there is a forwarder and then your server's mail server send this mail to emil@aol.com (the forwarder).

    If you have some user having lot of forwarder to AOL and his own domain is reciening spam then that spam will be forwarded to AOL users too and your server's IP will be blocked by AOL later , and when you will contact them , they will tell you ask your users to remove the forwarders. This is how it is.
     
Loading...

Share This Page