
Issue Missing SMTP "received from" header

federicosayd

New Pleskian
Server operating system version
Debian 10.13
Plesk version and microupdate number
18.0.64 Update #1
Hi:

I have been trying to report some spam messages to SpamCop. But when I report the entire message with the headers, SpamCop can't determine the source IP of the spamming server.
I have checked and some messages get the "Received from" header but others (like Gmail messages) don't. Other non-Plesk Postfix servers I manage correctly add the received header; I don't know why sometimes Plesk doesn't.

Any idea why Plesk isn't adding the "Received from" header?

Plesk version: Obsidian 18.0.64 Update #1
OS: Debian 10.13
SMTP Server: Postfix
 
Here is an anonymized message from Gmail to our email domain (replaced with mydomain.com):

Code:
ARC-Seal: i=1; cv=none; a=rsa-sha256; d=mydomain.com; s=default;
 t=1730215538;
 b=6mxCwfpmgA6lvV3GjzN8DYbW+hf+gkSunop1JUe3Eh7jElg5eoN6e8o+NawHHKmyfE0O6
 YaoO4BJ3ZZxM9yGJNcz7L7lw1VRx/9nsj0eHiPgjgT4wf0UzeVJFIZ8GYRJevTWppIQ5xR5
 xK6XccbePysJ9KrfMTUQN99ZzPDAAl4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=mydomain.com; s=default; t=1730215538; h=mime-version : from : date :
 message-id : subject : to : content-type : from;
 bh=NOC3GERh6phKJfVsIRc26wbrxQ5iSxoCKUWxVu7OHIg=;
 b=fngeg150+4jrvS4ff4JG4eyAPyy80QE5VDtOWty7H5lKKh3QE3ptKlufIKmmS1RFsntF+
 wSlj65wTKmjkITROF8Gv29iEAtoKS2ikv/s/lIth7DU8xzpmNPIOTbZD0BRjD6m2veCekr/
 sn4jFid95AiLRTax2PSmpOzQF0u5J7Y=
ARC-Authentication-Results: i=1; smtp.mydomain.com;
  dmarc=pass smtp.from=gmail.com header.from=gmail.com;
  dkim=pass header.d=gmail.com;
  spf=pass [email protected] smtp.helo=mail-lj1-f178.google.com
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
X-Virus-Scanned: Debian amavisd-new at smtp.mydomain.com
Received: by mail-lj1-f178.google.com with SMTP id 38308e7fff4ca-2f75c56f16aso52073241fa.0
        for <[email protected]>; Tue, 29 Oct 2024 08:25:34 -0700 (PDT)
Authentication-Results: smtp.mydomain.com;
        dmarc=pass (p=NONE sp=QUARANTINE) smtp.from=gmail.com header.from=gmail.com;
        dkim=pass header.d=gmail.com;
    spf=pass (sender IP is 209.85.208.178) [email protected] smtp.helo=mail-lj1-f178.google.com
Received-SPF: pass (smtp.mydomain.com: domain of gmail.com designates 209.85.208.178 as permitted sender) client-ip=209.85.208.178; [email protected]; helo=mail-lj1-f178.google.com;
X-Virus-Scanned: Debian amavisd-new at smtp.mydomain.com
X-Spam-Flag: NO
X-Spam-Score: -1.394
X-Spam-Level:
X-Spam-Status: No, score=-1.394 tagged_above=-9999 required=5
    tests=[BAYES_00=-1.9, DCC_REPUT_13_19=-0.1, DKIM_SIGNED=0.1,
    DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
    FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, KAM_NUMSUBJECT=0.5,
    RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001,
    SPF_HELO_NONE=0.001, SPF_PASS=-0.001, TXREP=0.305]
    autolearn=no autolearn_force=no
Received: by mail-lj1-f178.google.com with SMTP id 38308e7fff4ca-2f75c56f16aso52073241fa.0
        for <[email protected]>; Tue, 29 Oct 2024 08:25:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1730215534; x=1730820334; darn=mydomain.com;
        h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
         :date:message-id:reply-to;
        bh=NOC3GERh6phKJfVsIRc26wbrxQ5iSxoCKUWxVu7OHIg=;
        b=N4RRotD3tCOn1kd2mWduQnYItz97JO3QcLJFGjQNXTcXp+LpYL7qe5G+hE5m8qV96I
         smZ9zWYCFYURHdM9Veila5CwKZHAxEzb6sWiKZLbpTHARo5HqK/IZejf/WWHCp2AUou/
         X+okyGOLIc6L8G1oxYxbHkGSTRhCDVV1kQ69c6vcxKhn6JS2r2EDs6EJ7mg9fhAd52DR
         iTTt05+KX5HX4En9744HONaoSeDMYiQ6Kkp+DzaIVA0o9M4l0uM1ZaUhTjWe9hQCuNLF
         tHk4J2azpDbuxeXv0TkoXqnLwKTjHJYG2PQMAbE2H3AgzdlIWYPAQqGmO7JS5mMJ5OEQ
         APKg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1730215534; x=1730820334;
        h=to:subject:message-id:date:from:mime-version:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=NOC3GERh6phKJfVsIRc26wbrxQ5iSxoCKUWxVu7OHIg=;
        b=q/GKMPv8WHn0Dy+1GyVtcjbZCB3A4TuJAlVBaadNjYAEbi7Lor+Die6KwXbceSKqJT
         vwidxbE5+BYLTOhgkjjLrbCchG1m0w3R4yM2n2m1ToLlWnyeZZfPOmkWQaM/UUeL8xDb
         WiIJLJ7fWKf6I12M3tqqfDNRALDOeagG4/l3nsiuyxlChjzj071Sk2mxZZSSwNOqDtEP
         A1Trs3XQGzbS/GDuGu/88g3GYvcYZFHw84OQ4Uq4opMQg+DV6lw5BF4H8rjJqbMBeBtR
         t1o9sALdOqxrJFX61VjjtqXPDXq84y9R5Ej0HznE03glVHgnl4LgJ1OI0zqLZOdeMaXd
         xKLQ==
X-Gm-Message-State: AOJu0YwWol2/RDVfiXkC2DvokODebNoM65JkppZWe8eC5IKXfQRJJv3i
    NYLOxz6emQ4mlBrRN8OOEm2cBpY6ruVvoC0tPQFXlAPDDz96xt7+9Xu3JVh8FzRK/Lec7uk95oL
    U+uSQH8oXeFmhRAZ5aszpISe7XKrGoQ==
X-Google-Smtp-Source: AGHT+IGGAmbEj9o/1prUE6ilPg+KPeo50sGaez++5DG/Cq2MyXnAVIV8q1VIjqmjr6DuM4bCIs2WuFLObHUBTetOnP8=
X-Received: by 2002:a05:651c:505:b0:2f6:6074:db71 with SMTP id
 38308e7fff4ca-2fcbdfc67cdmr59908571fa.17.1730215533553; Tue, 29 Oct 2024
 08:25:33 -0700 (PDT)
MIME-Version: 1.0
From: Sender <[email protected]>
Date: Tue, 29 Oct 2024 12:25:22 -0300
Message-ID: <CABx8vR8E8Ck7sZ4dXi-MQOqKVrDLNm3VNzwqP6v_jZO7t+qu2A@mail.gmail.com>
Subject: Header test
To: [email protected]
Content-Type: multipart/alternative; boundary="00000000000043300406259f3283"


--00000000000043300406259f3283
Content-Type: text/plain; charset="UTF-8"


Header test


--00000000000043300406259f3283
Content-Type: text/html; charset="UTF-8"


<div dir="ltr">Header test</div>


--00000000000043300406259f3283--
 
The quoted headers are internal Google hops.

I am expecting a received header like this:
Received: from a3-16.smtp-out.eu-west-1.amazonses.com (a3-16.smtp-out.eu-west-1.amazonses.com [54.240.3.16])
        by smtp.mydomain.com (Postfix) with ESMTPS id 772CD7009A2
        for <[email protected]>; Wed, 30 Oct 2024 11:00:38 +0100 (CET)
Note that both the remote SMTP server name and IP address are logged (from), also the local server name (by).

"from" is the remote SMTP server and "by" is the local server at that hop.
 
I am unsure, but could this removal be done with `amavisd` or any other third-party solutions/customization? This post prompted me to think about this idea.
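
Added example, not part of the original thread: a Python check that looks for the `Received: from ... by <local server>` hop and, when it is absent as in the Gmail message quoted above, reads the connecting IP from the `Received-SPF` header the local server wrote instead. The two sample messages are constructed from the headers quoted in the thread; the recipient address and SMTP id are placeholders, and `handoff` is a hypothetical helper name.

```python
import email
import re

LOCAL_MTA = "smtp.mydomain.com"  # host name used in the thread; adjust to your server

# Constructed samples modelled on the two messages quoted in the thread
# (recipient address and SMTP id are placeholders).
MISSING = """\
Received: by mail-lj1-f178.google.com with SMTP id EXAMPLE-ID
        for <user@mydomain.com>; Tue, 29 Oct 2024 08:25:34 -0700 (PDT)
Received-SPF: pass (smtp.mydomain.com: domain of gmail.com designates 209.85.208.178 as permitted sender) client-ip=209.85.208.178; helo=mail-lj1-f178.google.com;
Subject: Header test

body
"""
PRESENT = """\
Received: from a3-16.smtp-out.eu-west-1.amazonses.com (a3-16.smtp-out.eu-west-1.amazonses.com [54.240.3.16])
        by smtp.mydomain.com (Postfix) with ESMTPS id 772CD7009A2
        for <user@mydomain.com>; Wed, 30 Oct 2024 11:00:38 +0100 (CET)
Subject: Header test

body
"""

# "from helo (rdns [ip]) by host" as Postfix writes it; the IPv6: tag is optional.
HOP = re.compile(r"from\s+\S+\s+\([^)]*\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]\)\s+by\s+(\S+)")
SPF_IP = re.compile(r"client-ip=([0-9A-Fa-f:.]+)")

def handoff(raw, local_mta=LOCAL_MTA):
    """Return (header, ip): which header reveals the IP that connected to local_mta."""
    msg = email.message_from_string(raw)
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m and m.group(2).lower() == local_mta:
            return ("received", m.group(1))
    # No hop stamped by the local server: fall back to its Received-SPF header.
    # A sender can supply a look-alike header, so treat this as a hint only.
    for value in msg.get_all("Received-SPF", []):
        m = SPF_IP.search(value)
        if m and local_mta in value:
            return ("received-spf", m.group(1))
    return ("none", None)

if __name__ == "__main__":
    for name, raw in (("gmail-style", MISSING), ("ses-style", PRESENT)):
        print(name, handoff(raw))
```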
 