[973] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] sendmail security

daemon@ATHENA.MIT.EDU (Joseph S. D. Yao)
Sat Jul 27 10:36:37 1996

Date: Fri, 26 Jul 1996 15:00:37 -0400
From: "Joseph S. D. Yao" <jsdy@cais.cais.com>
To: jhenders@bogon.com, rbulling@obscure.org
Cc: linux-security@tarsier.cv.nrao.edu, RDMiller@legislate.com

> From: Richard Bullington <rbulling@obscure.org>
> Can someone quote from an SMTP related RFC that specifies what should
> be in the "Received:" header? Is Smail being a bad SMTP citizen?

>From rfc822.txt:
...
     received    =  "Received"    ":"            ; one per relay
                       ["from" domain]           ; sending host
                       ["by"   domain]           ; receiving host
                       ["via"  atom]             ; physical path
                      *("with" atom)             ; link/mail protocol
                       ["id"   msg-id]           ; receiver msg id
                       ["for"  addr-spec]        ; initial form
                        ";"    date-time         ; time received
...
     source      = [  trace ]                    ; net traversals
                      originator                 ; original mail
                   [  resent ]                   ; forwarded
...
     trace       =    return                     ; path to sender
                    1*received                   ; receipt tags
...
[translation: source contains  o p t i o n a l  trace, which contains
 one or more received, which is as above.  not shown: source is a
 required field, and fields are required.		-joe yao-]
...
     4.3.2.  RECEIVED

        A copy of this field is added by each transport  service  that
        relays the message.  The information in the field can be quite
        useful for tracing transport problems.

        The names of the sending  and  receiving  hosts  and  time-of-
        receipt may be specified.  The "via" parameter may be used, to
        indicate what physical mechanism the message  was  sent  over,
        such  as  Arpanet or Phonenet, and the "with" parameter may be
        used to indicate the mail-,  or  connection-,  level  protocol
        that  was  used, such as the SMTP mail protocol, or X.25 tran-
        sport protocol.

        Note:  Several "with" parameters may  be  included,  to  fully
               specify the set of protocols that were used.

        Some transport services queue mail; the internal message iden-
        tifier that is assigned to the message may be noted, using the
        "id" parameter.  When the  sending  host  uses  a  destination
        address specification that the receiving host reinterprets, by
        expansion or transformation, the receiving host  may  wish  to
        record  the original specification, using the "for" parameter.
        For example, when a copy of mail is sent to the  member  of  a
        distribution  list,  this  parameter may be used to record the
        original address that was used to specify the list.
...

Joe Yao				jsdy@cais.com - Joseph S. D. Yao

home help back first fref pref prev next nref lref last post