LISTSERV - HP3000-L Archives

HP3000-L Archives

February 1997, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L February 1997, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re[2]: Another Off-The-Subject Subject
From:	Chris Bartram <[log in to unmask]>
Reply To:	[log in to unmask][log in to unmask]
Date:	Fri, 21 Feb 1997 13:12:08 -0400
Content-Type:	Text/Plain
Parts/Attachments:	Text/Plain (28 lines)

 In <[log in to unmask]> [log in to unmask] writes:

> Bruce Toback wrote:
> > Jeff Kell writes:
>
> > >In your example above, the mail
> > >probably didn't originate at "airmail.net" but could instead have
> > >been injected at any number of PPP sites (signup for a trial account,
> > >inject your spam, disappear from sight).
> >
> > It's worse than that, Jeff. The mail can be made to appear originate from
> > ANY site running sendmail -- which is almost every site.
>
> Depends on what sendmail.  The "basic" stuff takes the SMTP HELO name
> and uses it as from.  This has been enhanced once to list the IP
> address of the origin, and enhanced again to do a reverse DNS on the
> origin IP.

Mailers are *supposed* to add a RECEIVED line to any message passing through
that documents the system name (at least) and preferably the IP address of
the host connecting to it (the one that's submitting the SMTP commands). These
headers are normally added to the very beginning of all headers in the mail
message.

It's certainly not perfect, but it does help.

                    -Chris "yeah NetMail/3000 does that" Bartram

ATOM RSS1 RSS2

RAVEN.UTC.EDU