From: Victor Duchovni (Victor.DuchovniMorganStanley.com)
Date: Thu Sep 01 2005 - 19:53:24 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 01, 2005 at 05:38:29PM -0700, Karl S. Katzke wrote:

> Usually, in mail headers, the first "Received:" header line is the
> originiating SMTP server.

This is false, even with MSAs the first Received header will show
the receipt of the message via SMTP from the originating MUA. You
can with some care and effort set up a dedicated MSA listener
that only accepts SASL authenticated mail from MUAs, checks
the sender address address against the login name, and only if
all is well, uses "IGNORE" in a header_checks table to drop
the Received header that is generated for the message origin.

A dedicate Postfix instance is the simplest approach, but you
can also do this with a bunch of master.cf customizations and an
"cleanup_service_name" override for the MSA listener, with a dedicated
cleanup instance, ... really ugly, go with the full instance appraoch
if you must have this.

Frankly I think that folks who configure SA to block mail based on IP
addresses in Received headers are rather unwise. Do you really need
to accomodate their folly?

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomopostfix.org?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]