Hi,
We paid to have Parallels Premium Outbound Antispam running on one of our servers but we're having some difficulties with the statistics and headers.
After solving issues with the script that calculates statistics, we noticed that most of the spam was generated by 127.0.0.1. Initially I thought that the spam messages could have been generated by a PHP script but after some research, I noticed that the SenderID header is not properly obtained / kept for emails.
I configured PPOA to save spam / suspected spam messages and while looking at the headers I noticed that about 93% of the messages have:
Then I found this document http://www.commtouch.com/uploads/pd...nd-Spam-Protection-Configuration-Modified.pdf and this description:
So my questions / issues are:
1: I have configured PPOA to use 'SMTP authentication username' as the Unique Sender Identifier and outgoing email requires an authenticated user. Why is SenderID only keeping 127.0.0.1?
2: Most of the message where not originated from within localhost (comparing 'X-CTCH-SenderID' with the 'Received' header). Why is there a difference?
3: Since most of the messages are incoming spam, why is Parallels Premium Outbound Antispam catching them? Should PPOA be running only for outgoing messages?
4: How is this affecting the Dashboard statistics presented in the main page of Parallels Premium Outbound Antispam?
System information:
At this point we're not really sure of how reliable PPOA's operation and generated information is so any comments / suggestions / similar experiences that you might have would be greatly appreciated.
Thanks!
We paid to have Parallels Premium Outbound Antispam running on one of our servers but we're having some difficulties with the statistics and headers.
After solving issues with the script that calculates statistics, we noticed that most of the spam was generated by 127.0.0.1. Initially I thought that the spam messages could have been generated by a PHP script but after some research, I noticed that the SenderID header is not properly obtained / kept for emails.
I configured PPOA to save spam / suspected spam messages and while looking at the headers I noticed that about 93% of the messages have:
Code:
X-CTCH-SenderID: 127.0.0.1
Then I found this document http://www.commtouch.com/uploads/pd...nd-Spam-Protection-Configuration-Modified.pdf and this description:
Code:
X-CTCH-SenderID: [email protected] –ID of the message sender
So my questions / issues are:
1: I have configured PPOA to use 'SMTP authentication username' as the Unique Sender Identifier and outgoing email requires an authenticated user. Why is SenderID only keeping 127.0.0.1?
2: Most of the message where not originated from within localhost (comparing 'X-CTCH-SenderID' with the 'Received' header). Why is there a difference?
3: Since most of the messages are incoming spam, why is Parallels Premium Outbound Antispam catching them? Should PPOA be running only for outgoing messages?
4: How is this affecting the Dashboard statistics presented in the main page of Parallels Premium Outbound Antispam?
System information:
Code:
Architecture: Linux 2.6.32-358.14.1.el6.x86_64 #1 SMP Tue Jul 16 23:51:20 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
OS: CentOS 6.4 (Final)
Panel version: 11.5.30 Update #13 - psa-11.5.30-cos6.build115130819.13.x86_64
At this point we're not really sure of how reliable PPOA's operation and generated information is so any comments / suggestions / similar experiences that you might have would be greatly appreciated.
Thanks!