Related IP is my router - ORF Forums

@mfreixa: Hell mfrexia,

I suspect that the IP address of your router is missing from the Intermediate Host List (ORF Administration Tool > Blacklists > Intermediate Hosts), thus ORF thinks that the emails are coming from an intranet host and it whitelists them accordingly.

To determine the source IP address of an email, ORF inspects the “Received:” header fields in the message header, starting from the last recorded host. If the IP address of the examined host is on the Intermediate Host List, it gets skipped and ORF checks the next address. This continues until ORF finds a non-intermediate host address (=the source IP address), which then is used for ORF’s IP-based tests. Setting up the Intermediate Host List correctly is crucial for accurate filtering: It needs to include each delivery hop (SMTP hosts) between your network perimeter and the ORF server.

Please let me know if this has helped to solve the issue.

@mfreixa: Hello mfreixa,

Have you saved the ORF configuration ('Ctrl + S' or File > Save Configuration) to apply the new settings? If so, please make sure that nothing strips the “Received: from” lines from the message header (e.g. firewall, router or another internal SMTP host in the delivery chain), otherwise ORF will not be able to determine the source IP address of the incoming emails and will not function properly.

To verify that the message headers arrive intact, open one of the received emails (that seemingly originated from your router) in Outlook, invoke the Properties dialog from the File menu and check the "Internet headers" field at the bottom of the dialog box. You should see multiple "Received:" headers (with hostname, IP and time-stamp), one for each mail transfer agent that has received and forwarded the message. You may trace back any message to the original sender by reading the Received headers from top to bottom, so there should be at least one external IP address below your router's IP if everything is set up properly.