postfix and mail header

When I look in the file /var/mail/username I see a header line like this:

Received: from 172.16.4.32 (unknown [81.181.177.254])

I use it to put some bad ips in my postfix config files to stop spam.

But I do not know which one to get from the above line and use in my bad IPs list, and what each one means. If anybody can enlighten me I would appreciate it.

Thank you in advance

jgabios

2 Replies

The second one (81.181.177.254) would be the actual IP address of the sender server (or client). This log line (which would also appear as an added "Received:" header in successfully transported mail) indicates that the sender tries to pass itself off with the IP address 172.16.4.32, which just belongs to a range that is used for a private network.

3. Private Address Space

   The Internet Assigned Numbers Authority (IANA) has reserved the
   following three blocks of the IP address space for private internets:

     10.0.0.0        -   10.255.255.255  (10/8 prefix)
     172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
     192.168.0.0     -   192.168.255.255 (192.168/16 prefix)

Excerpt from RFC 1918, the whole document can be read here:

http://www.faqs.org/rfcs/rfc1918.html

The IP address range 81.181.176.0 - 81.181.177.255, however, belongs to "SC Estel Service Net Srl" in Romania. You might also get in touch with them if you believe they have an abusive client on their network.

http://www.ripe.net/whois?formtype=simple&fullquerystring=&searchtext=81.181.177.254&dosearch=Search
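
The reading given in the answer above, as an added example that is not part of the original thread: it splits a Postfix-style `Received:` line into the name the sender claimed and the address the connection really came from, flags a claimed name that is an RFC 1918 literal, and returns only the connecting address as a blocklist candidate. The function names and the second sample line are constructed for illustration.

```python
import ipaddress
import re

# The three private blocks quoted from RFC 1918 above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Postfix layout: Received: from <HELO name> (<reverse DNS> [<peer IP>])
RECEIVED_RE = re.compile(
    r"^Received:\s+from\s+(?P<helo>\S+)\s+"
    r"\((?P<rdns>\S+)\s+\[(?P<ip>[^\]]+)\]\)")

def in_rfc1918(text):
    """True if text is an IP literal (bare or bracketed) in RFC 1918 space."""
    try:
        addr = ipaddress.ip_address(text.strip("[]"))
    except ValueError:
        return False          # a hostname, not an address literal
    return any(addr in net for net in RFC1918)

def parse_received(line):
    """Split a Received line into the claimed HELO, reverse DNS and peer IP."""
    m = RECEIVED_RE.match(line.strip())
    if not m:
        return None
    ip_text = m.group("ip")
    if ip_text.lower().startswith("ipv6:"):   # IPv6 literals carry this tag
        ip_text = ip_text[5:]
    try:
        peer = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    return {"helo": m.group("helo"), "rdns": m.group("rdns"), "peer": peer,
            "helo_claims_private": in_rfc1918(m.group("helo"))}

def blocklist_candidate(line):
    """Return the peer IP as a string, or None if there is nothing to block."""
    info = parse_received(line)
    if info is None or in_rfc1918(str(info["peer"])):
        return None           # unparsable, or a hop inside your own network
    return str(info["peer"])

if __name__ == "__main__":
    samples = [
        "Received: from 172.16.4.32 (unknown [81.181.177.254])",   # from the post
        "Received: from mail.example.org (unknown [10.0.0.5])",    # constructed
    ]
    for s in samples:
        print(blocklist_candidate(s), parse_received(s))
```

Run it only on the `Received:` line your own server added (the topmost one), since lines below it were supplied by the sending side and can contain anything.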
