Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - Other Protection
  3. Articles

Prefetch does not retrieve the sending IP from emails

Versions / Builds Affected

2015 and later

Status

Open

Problem Summary

Prefetch module is not extracting the IP from the received email

TT / JIRAID

2741

How to Identify

A large amount of missed spam, usually after upgrading to 2015 or 2015 SR1. Filters that rely on the IP for filtering are not blocking the emails, such as IPDNSBL, Spamrazer, SPF, IP Blocklist. Example of log extracts: 2015-07-09,15:31:08,592,1,"#000012a8","#00002764","info ","EmailPrefetch","Received Header: received: from pickup by bavex01.bavaria.local with microsoft smtp server id 14.3.235.1; thu, 9 jul 2015 13:31:07 +0000" 2015-07-09,15:31:08,592,1,"#000012a8","#00002764","error ","EmailPrefetch","Failed to extract received lines" 2015-07-09,15:31:08,592,1,"#000012a8","#00002764","error ","EmailPrefetch","<< GetProp [0x80004005]" ------------------------------------- 2015-07-09,15:31:08,706,1,"#000012a8","#00002764","info ","ase_dnsbl","Failed while getting connecting IP from InfoRetiever" 2015-07-09,15:31:08,706,1,"#000012a8","#00002764","info ","ase_dnsbl","No last IP could be extracted. Using connection IP address." 2015-07-09,15:31:08,706,1,"#000012a8","#00002764","info ","ase_dnsbl","GFI_MTAMSGPROPS_CONNECTION_SERVER_IP_ADDRESS is not available (0x80070057)" 2015-07-09,15:31:08,706,1,"#000012a8","#00002764","info ","ase_dnsbl","No IP Address could be extracted. Skipping message" ------------------------------------- 2015-07-09,15:31:08,592,1,"#000012a8","#00002764","error ","ase_spamrazer","[ExtractConnectingIPW:43] 'Failed to get connecting IP address from 'Received' headers' [HR: 0x80070057]" 2015-07-09,15:31:08,592,1,"#000012a8","#00002764","info ","ase_spamrazer","(IPRep) IP reputation did not execute (invalid parameters [] [])" 2015-07-09,15:31:08,592,1,"#000012a8","#00002764","warning","ase_spamrazer","(Score) [0x12EAE920] Smtp Envelop: [not set]" 2015-07-09,15:31:08,593,1,"#000012a8","#00002764","error ","ase_spamrazer","[ExtractConnectingIPW:43] 'Failed to get connecting IP address from 'Received' headers' [HR: 0x80070057]"

Workaround / Fix Details

None at the moment

Required Actions

Gather full set of logs and escalate
Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted

Comments