[CentOS] dealing with spoofing

Bowie Bailey Bowie_Bailey at BUC.com
Wed Aug 31 21:00:15 UTC 2011


On 8/31/2011 4:50 PM, Josh Miller wrote:
> On 08/31/2011 01:48 PM, Bowie Bailey wrote:
>> On 8/31/2011 4:37 PM, Josh Miller wrote:
>>> On 08/31/2011 01:33 PM, m.roth at 5-cent.us wrote:
>>>> You're saying it uses the envelope, not if exists Reply-To, else From? The
>>>> problem I have with that is that a few of them have returned the email,
>>>> with full headers, and I see the *only* reference to my email address is
>>>> in the Reply-To.
>>> You are seeing the "full" email headers.  You will not see the envelope
>>> headers unless you capture packets or view mail server logs, etc.
>> Actually, what you are interested in is the envelope sender that the
>> remote server saw.  And there is no way for you to see that unless you
>> have access to the remote server's logs.
>>
> That is not true as the remote server will present the envelope header 
> to your mail server upon connection.

Yes, but the issue was in confirming which email address was used in
that connection.  If you assume that the remote server is replying to
the envelope header, then yes.  But if you are trying to confirm that,
then you do not have enough data.

You could, of course, create your own message with known (and differing)
From, Reply-To, and envelope headers and watch the result.

-- 
Bowie
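
The test suggested in the last paragraph above, as an added example that is not part of the original message: it builds a message whose envelope sender, From and Reply-To all differ, then maps the mailbox a bounce or auto-reply arrives at back to the identity the remote server used. The three `example.org` mailboxes, the function names and the `localhost:25` relay are assumptions; substitute addresses and an MTA you control.

```python
import smtplib
from email.message import EmailMessage
from email.utils import make_msgid, parseaddr

# Constructed placeholders: three distinct mailboxes you control.
PROBE = {
    "envelope": "probe-envelope@example.org",  # SMTP MAIL FROM (Return-Path)
    "from": "probe-from@example.org",          # From: header
    "reply-to": "probe-replyto@example.org",   # Reply-To: header
}


def build_probe(rcpt):
    """Return (envelope_sender, message) carrying three differing identities."""
    msg = EmailMessage()
    msg["From"] = PROBE["from"]
    msg["Reply-To"] = PROBE["reply-to"]
    msg["To"] = rcpt
    msg["Subject"] = "sender identity probe"
    msg["Message-ID"] = make_msgid(domain="example.org")
    msg.set_content("Test message: which address does the reply go to?")
    return PROBE["envelope"], msg


def send_probe(rcpt, host="localhost", port=25):
    """Send through your own MTA (assumed relay on localhost:25).

    from_addr sets MAIL FROM independently of the From:/Reply-To: headers.
    """
    envelope, msg = build_probe(rcpt)
    with smtplib.SMTP(host, port) as smtp:
        smtp.send_message(msg, from_addr=envelope, to_addrs=[rcpt])
    return msg["Message-ID"]


def classify_reply(delivered_to):
    """Map the mailbox a bounce or auto-reply landed in to the identity used."""
    addr = parseaddr(delivered_to)[1].lower()
    for field, mailbox in PROBE.items():
        if addr == mailbox:
            return field
    return "unknown"
```

Match the returned message to the probe by its Message-ID (in `In-Reply-To`, `References` or the quoted original) before classifying, so unrelated mail to the probe mailboxes is not counted.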


