Re: [exim] Sender callouts

Top Page
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Edgar Lovecraft
CC: Exim-users
Subject: Re: [exim] Sender callouts
Edgar Lovecraft wrote:
> Wakko Warner wrote:
> > I don't know what information exchange leaks in the received header or
> > if any. I do know that using lookout with other MTAs can lead to local
> > lan IP information (even the netblock the local lan uses) and the
> > client's hostname if the server reports HELO information. I personally
> > will not accept any email if it does not have a message id header. I
> > don't know which is worse, netscape (Not sure about newer versions, but
> > 4.x was like this) HELOing using the user's email domain (common spammer
> > trick) or outlook HELOing with the PC's netbios name.
> >
>
> Three notes;
>
> 1. Exchange does not even add a recieved header for messages submitted to
> the Exchange server over non-smtp protocols, i.e. most Outlook clients.
> It does add a recieved header for any SMTP transaction. (It may be
> possible to change the behavior for either, I have never had a real need
> to investigate the behavior as anoying as I find it, as every message
> submitted to my MX servers should have at lease ONE recieved header before
> I ever see the message...)


Actually sounds like a mail scanning system I wrote. It doesn't add
received headers.

> 2. It is not the machines Netbios name only, it is the machines
> Netbios name plus the 'DNS suffix' which is rarely defined. Much like
> never adding a domain to a *nix box, and only defining the hostname.
> Windows machines will add the full host+domain if everything is defined
> properly.


DNS suffix as in? Win2000/XP/2003 have a system wide DNS suffix and a
connection specific DNS suffix. I do know that using the connection
specific doesn't cause it to helo as a fqdn. Most of our computers are on a
domain, and again, they do not help with an fqdn. I have not specifically
looked at setting the system wide dns suffix so I haven't had any experience
with this.

> 3. Unless I remember RFC2822 improperly, there are only two headers that
> MUST be in EVERY message, the Date: and From: headers. Some additional
> headers I think are required but only under special circumstances such
> as replies, but in general, all other headers are just 'shoulds', or
> 'would be real nice if you use it' ;)


I realise this. However, this server is hosting 1 user (myself). As the
old saying goes "my server my rules". It has never caused a problem for me
and if it does, it's 1 or 2 mails lost out of over 300 a day I receive.

--
Lab tests show that use of micro$oft causes cancer in lab animals