Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

The only one "Received"-header.

23 views
Skip to first unread message

Sciurus

unread,
Mar 25, 2004, 6:51:03 AM3/25/04
to
Does the only one "Received"-header give the evidence of the mail
directly sent via my post server to my users?

I proceed from RFC-1123 which says:
" ... Every receiver-SMTP (not just one that "accepts a message for
relaying or for final delivery" [SMTP:1]) MUST insert a
"Received:" line at the beginning of a message. In this line,
called a "time stamp line" in RFC-821 ... "

Since spammers send the mail to my users directly through my mail
server I block the mail with the only one "Received"-header (via
ckeck_eoh ruleset). Spam has greatly reduced though sometimes the mail
with faked Received-headers comes.

And everything was going well until the false case occurred.

I got an alert message from postmaster of Microsoft Exchange server
about impossibility of sending mail to my server. And there was only
one Received header in the mail from Exchange Server:

Received: from exchange-server.ru (mail.name.ru [1.2.3.4])
by ns1.mydomain.ru (8.12.10/8.12.10) with ESMTP id i2GCiKCD027614
for <postm...@mydomain.ru>; Tue, 16 Mar 2004 17:44:22 +0500
Subject:
=?koi8-r?B?UkU6IO7FINDSz8jPxMnUINDP3tTBIM7BINfB2yDz7fTwIHRlc3QgdA==?=
Date: Tue, 16 Mar 2004 15:39:37 +0300
MIME-Version: 1.0
Content-Type: text/plain; charset="koi8-r"
Message-ID: <37A060F0349CA842B93...@exchange-server.ru>

Does it mean that Exchange server sends the mail to my users directly
via my server or not?
Or does Exchange ignore inserting his own "Received:"-header?

I know that it isn't Exchange newsgroup but I would appreciate any
help on this matter.

Sciurus.

Aleksandar Milivojevic

unread,
Mar 25, 2004, 8:41:50 AM3/25/04
to
Sciurus wrote:
> Does it mean that Exchange server sends the mail to my users directly
> via my server or not?
> Or does Exchange ignore inserting his own "Received:"-header?

Your logic is flawed. I know of number of small organizations that have
only one mail server directly connected to the internet (maybe not
physically, but at least as SMTP is concerned). Whenever email is
originating from them, there's only one Received line. Because there
was only one MTA mail went through.

I'm a bit surprised that mails from organization size of Microsoft have
only one Received line.

Aleksandar Milivojevic

unread,
Mar 25, 2004, 3:07:55 PM3/25/04
to
Aleksandar Milivojevic <al...@fly.srk.fer.hr> wrote in message news:<c3unin$5e2$1...@ls219.htnet.hr>...

> Sciurus wrote:
> > Does it mean that Exchange server sends the mail to my users directly
> > via my server or not?
> > Or does Exchange ignore inserting his own "Received:"-header?
>
> Your logic is flawed [rest of my crap deleted]

I've read your message again, and than realized that I had answered
you with total crap. Sorry. Just ignore whatever I mumbled...

Malcolm Dew-Jones

unread,
Mar 25, 2004, 5:31:39 PM3/25/04
to
Sciurus (sci...@mail.ru) wrote:
: Does the only one "Received"-header give the evidence of the mail

: directly sent via my post server to my users?

: I proceed from RFC-1123 which says:
: " ... Every receiver-SMTP (not just one that "accepts a message for
: relaying or for final delivery" [SMTP:1]) MUST insert a
: "Received:" line at the beginning of a message. In this line,
: called a "time stamp line" in RFC-821 ... "

: Since spammers send the mail to my users directly through my mail
: server I block the mail with the only one "Received"-header (via
: ckeck_eoh ruleset). Spam has greatly reduced though sometimes the mail
: with faked Received-headers comes.

: And everything was going well until the false case occurred.

: I got an alert message from postmaster of Microsoft Exchange server
: about impossibility of sending mail to my server. And there was only
: one Received header in the mail from Exchange Server:

: Received: from exchange-server.ru (mail.name.ru [1.2.3.4])
: by ns1.mydomain.ru (8.12.10/8.12.10) with ESMTP id i2GCiKCD027614
: for <postm...@mydomain.ru>; Tue, 16 Mar 2004 17:44:22 +0500

Is the above the Received header that your server adds?

: Subject:


: =?koi8-r?B?UkU6IO7FINDSz8jPxMnUINDP3tTBIM7BINfB2yDz7fTwIHRlc3QgdA==?=
: Date: Tue, 16 Mar 2004 15:39:37 +0300
: MIME-Version: 1.0
: Content-Type: text/plain; charset="koi8-r"
: Message-ID: <37A060F0349CA842B93...@exchange-server.ru>

: Does it mean that Exchange server sends the mail to my users directly
: via my server or not?

? The Exchange server would always send the mail "directly" to your
server, unless the exchange server is behind a mail gateway. ?

: Or does Exchange ignore inserting his own "Received:"-header?

If the exchange mail system in question is set up as an automonous unit
then from the point of view of the exchange system it doesn't receive any
mail from its users. They simply create mail directly within the exchange
environment - i.e. from exchange's point of view, the exchange system
itself is the program that created the message, and the very first
transmission is when it (exchange) sends the mail to your system.

That is to say, exchange may not be adding a received header for the same
reason an automated program that sends via smtp wouldn't add a recieved
header to the mail it generates, or for the same reason your mail client
doesn't add a received header when it sends a message to your server.
(In both cases they generate the message, not receive it.)

It would be kind of like you running a mail system in which you generate
text files of the appropriate format directly in the sendmail queue
directory - sendmail would not add a received header to the mail because
from its point of view the message has not been "received", it simply
exists, ready to send.

Having said that, many, if not most, mail environments do appear to add at
least one received header to identify the "moment of conception" of any
message generated within themselves.

my $0.02

0 new messages