You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by John Beck <jb...@eng.sun.com> on 2005/01/14 15:26:51 UTC
Re: Matching Envelope Recipient
Keith> Below are headers from spam I received. Why is the envelope recipient
Keith> not in the received header??? i changed the To: user's email to xxxxxx
Keith> for privacy, but this mail also arrived into a mailbox which was not
Keith> the mailbox in the To: header.
Keith> Received: from ghettofabulous.ca ([222.64.180.23])
Keith> by tricks.tbmc.ie (8.12.11/8.12.11) with SMTP id j0E00kJZ024303;
Keith> Fri, 14 Jan 2005 00:00:49 GMT
Short answer: because there was more than one local recipient.
Long answer: the default Received header for sendmail 8.12.11 is thus:
Received: $?sfrom $s $.$?_($?s$|from $.$_)
$.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.)
$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}
(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u
for $u; $|;
$.$b
Since neither SMTP AUTH nor TLS are in play here, let's simplify that:
Received: $?sfrom $s $.$?_($?s$|from $.$_)
$.by $j ($v/$Z)$?r with $r$. id $i
$?u
for $u; $|;
$.$b
Now, the $?x ... $| ... $. syntax is sendmail.cf's baroque way of saying
if macro x is set then ... else ... endif, and likewise $?x ... $. means
if macro x is set then ... endif, and the macros in play here are:
* s: the name the SMTP client claimed in its HELO/EHLO greeting: in your
above example, this is "ghettofabulous.ca"
* _: the actual IP address of the SMTP client (inside square brackets),
and, if it reversed-mapped to anything, the name it reverse-mapped
to ("[222.64.180.23]" in your example)
* j: the fully qualified host name of the SMTP server ("tricks.tbmc.ie")
* v: the sendmail binary version ("8.12.11")
* Z: the sendmail.cf version ("8.12.11")
* r: the protocol used, usually "SMTP" or "ESMTP" ("SMTP")
* i: the queue ID ("j0E00kJZ024303")
* u: the SMTP envelope recipient(s), but (and this is the key to your
question) if there is more than one recipient, this macro is unset to
protect the privacy of all recipients (e.g., so if the sender blind
copied anyone, that the others would not be able to determine this)
(unset in your example)
* b: the current date & time in RFC 2822 format
("Fri, 14 Jan 2005 00:00:49 GMT")
HTH,
-- John
Re: Matching Envelope Recipient
Posted by John Beck <jb...@eng.sun.com>.
Keith> Would you also have any insight on my other question, which is "Can
Keith> I access the Envelope Recipients in SA, called from Mimedefang"?
Sorry, I have only limited experience with milter (assuming you're even
using that), and almost none with mimedefang. Good luck!
-- John
Re: Matching Envelope Recipient
Posted by Keith Whyte <ke...@media-solutions.ie>.
John Beck wrote:
>* u: the SMTP envelope recipient(s), but (and this is the key to your
> question) if there is more than one recipient, this macro is unset to
> protect the privacy of all recipients (e.g., so if the sender blind
> copied anyone, that the others would not be able to determine this)
> (unset in your example)
>
>
Wow John, thanks for your super detailed reply.
Now I remember reading that years ago.
Would you also have any insight on my other question, which is "Can I
access the Envelope Recipients in SA, called from Mimedefang"?
I'm trying to set up some really specific rules for mail addresses to
the majordomo list control address, as I'm being plagued by MJD bouncing
messages with ....bad command..... Of course these bounces just bounce..
and i'm not happy having my system bouncing spam.
Thing is, much mail is coming in without Majordomo in the To: or Cc:,
but specified as RCPT TO:
maybe the only answer is mimedefang's
stream_by_recipient()
Thanks!,
Keith.