Re: [Exim] Hiding Source IP in RFC 822 Mail headers

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MJason Ostrom at <-
MSuresh Ramasubramanian at ->
Delete this message
Reply to this message
Author: Kevin P. Fleming
Date:  
CC: exim-users
Subject: Re: [Exim] Hiding Source IP in RFC 822 Mail headers
Jason Ostrom wrote:

> With this particular abuser, they also used "mail_out_v34.13". So
> maybe it is safe to assume that this MUA removes the source IP, and
> the abuser isn't as smart as I thought they were?
>

If this is really an MUA, it will never see the Received header. If this
is actually the first-hop MTA (more likely), the situation is just that
the Received header that it adds never _had_ the source IP. I don't
think anyone along this path is _removing_ the source IP, it was just
never added.

Understand that any MTA can format its Received header (or not add one
at all) in any format it chooses. So, most likely there's nothing weird
going on here in terms of anyone modifying headers or hiding them or
such, this particular message path just doesn't generate an initial
Received headed with any IP addresses in it.



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] Playing with SMTP AUTH & CRAM-MD5Re: [Exim] Exim at high loads->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)