
BLU Discuss list archive



How does a spammer hide the destination address?



scottmarydavidsam-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org wrote:
> 1) Any ideas on how the destination email address can be hidden so that you
> can't see it outside of the header, but it routes properly?

An important thing to realize with SMTP is that the text of the
message, including the headers, has no direct relation to how the
message gets routed. (There are separate RFCs that deal with the SMTP
protocol and the message text.)

The analogy that is typically used is paper mail, where your email (with
headers) represents the letter, and the addresses exchanged in the SMTP
transaction represent the information on the envelope. And thus you'll
hear the terms "envelope sender" and "envelope recipient" referring to
the SMTP "MAIL FROM" and "RCPT TO" commands respectively.

Knowing this you can see how a message can be directed at a recipient
using the SMTP envelope addresses, while the text of the message
indicates a different recipient.

By convention, Mail Transport Agents record diagnostic information to
the mail headers, often including the original envelope addresses. The
Return-Path and Delivered-To headers, which sometimes appear, also can
sometimes indicate the envelope addresses. (The latter technically
doesn't reflect the recipient envelope address, as the MTA might have
transformed the address through a lookup table before determining the
final recipient.)


> One of our users ("kathy" in the header below) has received about 30
> messages from other people trying to unsubscribe from a mailing list called
> centerforgastricbypass.com. This domain has nothing to do with our company
>
> 2) Suggestions on how to stop this aside from simply blocking the domain?

So the messages your user is receiving appear to be from individuals who
want to get off of a mailing list, yet the messages they send your user
are processed through centerforgastricbypass.com with an envelope sender
address of highereducation-bounces-+W/nxiUF/q+PG+0iJ8KoT7wmdA9tuvIw0E9HWUfgJXw at public.gmane.org, rather
than being sent by the end-users trying to unsubscribe?

It sounds to me like someone made a typo at centerforgastricbypass.com
when setting up the highereducation-bounces alias and somehow included
your user's address. There should be no harm in blocking the domain
temporarily, but I'd follow up by contacting centerforgastricbypass.com
and requesting they correct the situation. (If they have an actual
domain and are using mailing list software, they're more likely to be a
legit business and not just criminals using a bot network.)

 -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
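The envelope-versus-header distinction Tom describes, shown as an added example (not code from the original post or from BLU). It models the receiving side of an SMTP transaction with a small toy server: the client's RCPT TO names one mailbox while the To: header in the message text names another, and the toy MTA stamps Return-Path and Delivered-To from the envelope before "delivery". All addresses, host names and the transcript are constructed for illustration.

```python
"""Envelope addresses (MAIL FROM / RCPT TO) versus message-header addresses.

Constructed example: a toy receiving MTA and a hand-written client transcript
in which the envelope recipient is "kathy" but the To: header says otherwise.
"""
from email import message_from_string


def _angle_addr(arg: str) -> str:
    """Pull the address out of 'FROM:<a@b>' or 'TO:<a@b>'."""
    return arg.split("<", 1)[1].split(">", 1)[0]


class ToySmtpServer:
    """Minimal model of the receiving MTA: tracks only the envelope and DATA."""

    def __init__(self):
        self.mail_from = None
        self.rcpt_to = []
        self.data_lines = []
        self.in_data = False
        # (envelope_sender, envelope_recipient, stamped message text)
        self.delivered = []

    def handle(self, line: str) -> str:
        if self.in_data:
            if line == ".":
                self.in_data = False
                self._deliver()
                return "250 2.0.0 Ok: queued"
            # Dot-stuffing: a data line beginning with ".." carries a single "."
            self.data_lines.append(line[1:] if line.startswith("..") else line)
            return ""
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            return "250 mail.example.com"
        if verb == "MAIL":
            self.mail_from = _angle_addr(arg)
            return "250 2.1.0 Ok"
        if verb == "RCPT":
            self.rcpt_to.append(_angle_addr(arg))
            return "250 2.1.5 Ok"
        if verb == "DATA":
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        if verb == "QUIT":
            return "221 2.0.0 Bye"
        return "500 5.5.2 Error: command not recognized"

    def _deliver(self):
        text = "\n".join(self.data_lines) + "\n"
        for rcpt in self.rcpt_to:
            # Like a real MTA, record the envelope addresses in the header
            # block before handing the message to the local mailbox. The
            # header text the client sent is left untouched.
            stamped = (f"Return-Path: <{self.mail_from}>\n"
                       f"Delivered-To: {rcpt}\n" + text)
            self.delivered.append((self.mail_from, rcpt, stamped))
        self.mail_from, self.rcpt_to, self.data_lines = None, [], []


# Constructed client side of the transaction (hypothetical hosts/addresses).
# The envelope recipient is kathy, but the To: header names the list itself.
CLIENT_LINES = [
    "EHLO relay.example.org",
    "MAIL FROM:<highereducation-bounces@example.org>",
    "RCPT TO:<kathy@example.com>",
    "DATA",
    "From: Some Subscriber <someone@example.org>",
    "To: highereducation@example.org",
    "Subject: unsubscribe",
    "",
    "Please remove me from this list.",
    ".",
    "QUIT",
]


def run_transaction(lines=CLIENT_LINES):
    """Feed the client lines to the toy server; return deliveries and transcript."""
    server = ToySmtpServer()
    transcript = [(line, server.handle(line)) for line in lines]
    return server.delivered, transcript


def envelope_vs_header(stamped_message: str) -> dict:
    """Compare what the envelope said with what the header text claims."""
    msg = message_from_string(stamped_message)
    return {
        "envelope_sender": msg["Return-Path"].strip("<>"),
        "envelope_recipient": msg["Delivered-To"],
        "header_from": msg["From"],
        "header_to": msg["To"],
    }


if __name__ == "__main__":
    delivered, transcript = run_transaction()
    for sent, reply in transcript:
        print(f"C: {sent}" if not reply else f"C: {sent}\nS: {reply}")
    for _, _, text in delivered:
        print(envelope_vs_header(text))
```

Running it shows the message landing in kathy's mailbox even though no header in the message text mentions her; only the Return-Path and Delivered-To lines stamped by the receiving MTA reveal the envelope. As Tom notes, Delivered-To may still not equal the original RCPT TO address on a real system if an alias or lookup table rewrote it before final delivery.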
