Jump to content

Recommended Posts

Posted

How up to date are the ip lists used? We block China but still get email from there, this ip 114.101.17.197 sent 12 emails last night and it traces back to China.

 

 

Eset.JPG

Posted
1 hour ago, HenrysCat said:

We block China but still get email from there, this ip 114.101.17.197

CHINANET Anhui PROVINCE NETWORK China Telecom No.31,jingrong street Beijing 100032

It's a backbone server, CHINANET-BACKBONE No.31,Jin-rong Street. As such, it wouldn't be the origin of the e-mail but just an intermediary delivering it. 

  • ESET Staff
Posted

Hi,

Our GeoIP DB correctly identifies this IP as Chinese.

But only the sender's address (last hop) is verified against Blocked countries list, not all intermediate servers from Received headers.

Posted
5 hours ago, M.K. said:

But only the sender's address (last hop) is verified against Blocked countries list, not all intermediate servers from Received headers.

The from address was contact@candidconcepts.com which traces to a UK ip, I have reported to the abuse address, is there anything else I can do?

  • ESET Staff
Posted

Hi,

I meant sender's IP address in this context - this is usually the topmost Received header.

M.K.

Posted

Oh ok, so the senders ip was 114.101.17.197  yet the messages get through?

Posted (edited)

As far as candidconcepts.com goes, the IP addresses associated with it are 88.208.222.179 and 88.208.222.180.

As far as domain name blocking goes, have you tried *.candidconcepts.com/* and *.candidconcepts.net/*? I assume Eset mail server supports that wildcard notation.

1 hour ago, HenrysCat said:

Oh ok, so the senders ip was 114.101.17.197  yet the messages get through?

Block that IP address then. Doing so might end up blocking a lot of legit e-mail though. It appears a lot of Internet traffic routes through those relay backbone servers.

Edited by itman
  • 2 weeks later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...