Should I be removing first received header for client IP
in [Postfix]
|
From: Mark Krenz on 25 Jun 2010 12:59 On Fri, Jun 25, 2010 at 04:46:10PM GMT, Simon Waters [simonw(a)zynet.net] said the following: > > Ask for the bounced emails or other evidence for why they believe this. > > I've seen all sorts of misunderstanding from people looking at such things, so > simply ask for the evidence including headers for anything to do with spam. > Is there a mailing list that would help me figure out how to get this information from the user? ;-) Believe me, I ask repeatedly for this information all the time and its like pulling rusty nails out of an old barn. You'd think that over the past decade I would have gotten better at coaxing users into giving me all the details I need up front, but its still just as hard. So many users are already in the blame the provider mode nowadays that you have to disarm them first before you can get anything across. -- Mark Krenz IT Director Suso Technology Services, Inc.
From: "M. Fioretti" on 25 Jun 2010 14:53 On Fri, Jun 25, 2010 17:46:10 PM +0100, Simon Waters (simonw(a)zynet.net) wrote: > On Friday 25 June 2010 16:06:26 Mark Krenz wrote: > > > > They also think that because we leave > > that in that they are having their IP put on blacklists. > > Ask for the bounced emails or other evidence for why they believe this. FWIW, here's my case: http://stop.zona-m.net/digiworld/who-cancels-your-email-warning-infostrada-and-barracuda-users I *have* been put on a blacklist because the MTA of nexaima.net is on a fixed IP address which AFAIK is on no blacklist, but I relay through it from my home ADSL IP, which is a dynamic address. So I too would like to strip the first received header, exactly for that reason. Marco
From: /dev/rob0 on 25 Jun 2010 17:59 On Fri, Jun 25, 2010 at 08:53:44PM +0200, M. Fioretti wrote: > FWIW, here's my case: > > http://stop.zona-m.net/digiworld/who-cancels-your-email-warning-infostrada-and-barracuda-users > > I *have* been put on a blacklist because the MTA of nexaima.net is > on a fixed IP address which AFAIK is on no blacklist, but I relay > through it from my home ADSL IP, which is a dynamic address. You are on a blacklist at home along with most of the dynamic IP space in the world. Barracuda was improperly using that list. > So I too would like to strip the first received header, exactly > for that reason. Barracuda has fixed this bug already. They are aware that it IS a bug. You cannot possibly work around everybody's spamfighting bugs. And you will likely trigger other bugs with your changes. It was some time back now, but I have tested with Hotmail and confirmed that they will silently discard mail from a non-spammy host, if that mail has only one Received: header. Email is a mess. All you can do is do things right, and hope the other site does too. I know it doesn't feel like it, but this one really IS the other site's problem. -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header
From: mouss on 25 Jun 2010 18:18 Mark Krenz a �crit : > Hi, this is more of a policy type of question, but I'm not sure who > else to ask right now. > > We are a small webhosting/email hosting provider. We offer our > clients authenticated SMTP relaying. One of our clients is complaining > because we don't strip out the first Received header line that shows > what their company IP address is when they send from say their Outlook > client. They are claiming that as a proper hosting provider, we > shouldn't be keeping that line in. They also think that because we leave > that in that they are having their IP put on blacklists. they are wrong. - the RFC recommends that each gateway adds trace headers - it is ok to strip trace headers for privacy or whatever, as long as you take responsibility for that (and accept the consequences: for ex: troubleshooting is hader...). - if a remote site blocklist them because of that, then either: 1) the remote site is wrong (bogus barracuda setup?) 2) They do send spam. > > So I'm wondering if that's true, have modern email relay server > practices changed for some reason? Am I going to run into issues > leaving it in? If you want an argument for keeping the headers, check the smtp RFC. or: the customer can't hide behind your walls. you provide security and standard smtp services, not an "outbound smtp filtering service". if you don't allow others to blocklist them (if they do somethig wrong), then others will blocklist all of your networks, which isn't good for other customers. > > I looked around last night and found some pages talking about how to > strip that line out, but I couldn't find any pages recommending that > this is the preferred practice now or something. > it is ok to strip headers when you accept the consequences (responsibility in case of complaints, diagnistics...) if you're an ISP, then you shouldn't strip the headers. Google does that, but google are google (and that has been debated many times <= not here, so please don't run such a thread).
From: Mark Krenz on 25 Jun 2010 23:34 On Fri, Jun 25, 2010 at 09:59:11PM GMT, /dev/rob0 [rob0(a)gmx.co.uk] said the following: > > Email is a mess. All you can do is do things right, and hope the > other site does too. I know it doesn't feel like it, but this one > really IS the other site's problem. You said it. I often tell customers that get burned by bad practices of other companies on the net that the Internet is still a lot like the wild west and if you want protection from the crazyness, you just have to live in a town with a good sheriff. -- Mark Krenz IT Director Suso Technology Services, Inc.
First
|
Prev
|
Pages: 1 2 Prev: Mail discarded Next: Should I be removing first received headerfor client IP |