Re: [Exim] How to mark authenticated senders in the header?

Top Page
Delete this message
Reply to this message
Author: Gary Palmer
Date:  
To: michael
CC: exim-users
Subject: Re: [Exim] How to mark authenticated senders in the header?
michael@??? wrote in message ID
<20010109235053.30682.qmail@???>:
> Hello,
>
> I wondered how people mark authenticated senders in mail headers.


We use the following:

X-Info: This message was accepted for relay by
        smtp03.mrf.mail.rcn.net as the sender used SMTP authentication
X-Trace: UmFuZG9tSVbjCkK2025CGQyc0izfBnBF+0v28bZHlNfhsuRE0tdd07OfAH7dAncI
Received: from xxxx ([yy.yy.yy.yy] helo=zzzz)
        by smtp03.mrf.mail.rcn.net with asmtp (Exim 3.16 #5)
        id 14H9Df-0006TA-00; Fri, 12 Jan 2001 13:46:35 -0500


People complain that we "relay" for our own netblocks as it is, so I
felt it best to scream out about the fact the user used SMTP Auth to
be able to relay. The "with asmtp" looks too like "with esmtp" if
you're not looking closely.

The X-Trace header is something I grabbed from our USENET dept. Its a
MD5 hash of several parameters of the message (including the username
provided to the AUTH mechanism) encrypted with a unique key, and then
Base64 encoded.

We ended up hacking the received_header_text line as it was the only
place that we could find that the headers would be added when the
message was received. Most of the other options add headers at/during
delivery, which isn't sufficient (the timestamp in the trace would be
off, for one). I also wanted the trace header to be close to the
received header ... the other options seemed to add it way down in the
headers near the bottom.

So our received_header_text ended up looking like:

received_header_text = "${if def:authenticated_id {X-Info: This message was \
        accepted for relay by\n\t${primary_hostname} as the sender used SMTP \
        authentication\nX-Trace: ${perl{gentrace}{$authenticated_id}{$sender_host_address}{$header_message-id:}}\n}{}}\
        Received: \
        ${if def:sender_rcvhost {from ${sender_rcvhost}\n\t}\
        {${if def:sender_ident {from ${sender_ident} }}\
        ${if def:sender_helo_name {(helo=${sender_helo_name})\n\t}}}}\
        by ${primary_hostname} \
        ${if def:received_protocol {with ${received_protocol}}} \
        (Exim ${version_number} #${compile_number})\n\t\
        id ${message_id} \
        ${if def:received_for {\n\tfor $received_for}}"


The first 3 lines are our additions, everything after Received is from
the exim docs.

A small 20 line perl script does the work. Unfortunately I can't
share it with you, but its probably not too difficult to write your
own from what I've said above.

We encrypted all the info for two reasons. The first is that users
really don't like their username being exposed to the world without
their permission first. The second is a anti-spoofing feature. The
anti-spoofing is mostly useful for USENET (our news dept. uses the
same X-Trace format) since faking the origin news server in NNTP is
trivial. Its a lot less so for SMTP (fortunately).