SpamBlocker 4.1 blocks legal notifications from PayPal

SpamBlocker 4.1 blocks legal notifications from PayPal

Hello,

SpamBlocker 4.1 blocks legal notifications from PayPal at least when forwarding emails (in my case from one directadmin powered server to another one) as emails come from payment@paypal.com:

Code:

2012-09-12 14:20:48 [8571] 1TBhFf-0002EF-N3 DKIM: d=paypal.com s=dkim c=relaxed/relaxed a=rsa-sha1 i=@paypal.com t=1347434446 [verification succeeded]
2012-09-12 14:20:48 [8571] 1TBhFf-0002EF-N3 <= payment@paypal.com H=mx1.slc.paypal.com (mx0.slc.paypal.com) [173.0.84.226]:52102 I=[11.22.33.44]:25 P=esmtp S=15889 id=1347434446.31879@paypal.com T="Notification of payment received" from <payment@paypal.com> for finance@domain.com
2012-09-12 14:20:48 [8572] 1TBhFf-0002EF-N3 => finance <finance@domain.com> F=<payment@paypal.com> P=<payment@paypal.com> R=virtual_user T=virtual_localdelivery S=16003 QT=1s DT=0s
2012-09-12 14:20:53 [8571] SMTP connection from mx1.slc.paypal.com (mx0.slc.paypal.com) [173.0.84.226]:52102 I=[11.22.33.44]:25 closed by QUIT
2012-09-12 14:20:55 [8572] 1TBhFf-0002EF-N3 ** alexey@domain2.com (finance@domain.com) <finance@domain.com> F=<payment@paypal.com> P=<payment@paypal.com> R=lookuphost T=remote_smtp: SMTP error from remote mail server after RCPT TO:<alexey@domain2.com>: host mail.domain2.com [22.33.44.55]: 550 Forged Paypal Mail, not sent from PayPal.
2012-09-12 14:20:55 [8577] 1TBhFn-0002EL-4v <= <> R=1TBhFf-0002EF-N3 U=mail P=local S=16871 T="Mail delivery failed: returning message to sender" from <> for payment@paypal.com
2012-09-12 14:21:03 [8579] 1TBhFn-0002EL-4v => payment@paypal.com F=<> P=<> R=lookuphost T=remote_smtp S=17220 H=gort.ebay.com [216.113.167.215]:25 X=TLSv1:DHE-RSA-AES256-SHA:256 CV=no DN="/C=US/ST=California/L=San Jose/O=eBay, Inc./OU=Messaging_Team/CN=data.ebay.com" C="250 ok:  Message 1109547579 accepted" QT=8s DT=7s


Note, at the moment of writing this the check was already disabled on domain2.com, but enabled on domain.com

So, I’m quite sure, the check should be removed from the exim.conf.
For those, who does not, how to disable it, here is the guide:

Open /etc/exim.conf for editing in your favorite editor, find EDIT#40:

Code:

#EDIT#40:
    deny message = Forged Paypal Mail, not sent from PayPal.
        senders = *@paypal.com
        condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}}


and comment it:

Code:

#EDIT#40:
##--    deny message = Forged Paypal Mail, not sent from PayPal.
##--        senders = *@paypal.com
##--        condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}}


Comments are closed.