[973] in linux-security and linux-alert archive
Re: [linux-security] sendmail security
daemon@ATHENA.MIT.EDU (Joseph S. D. Yao)
Sat Jul 27 10:36:37 1996
Date: Fri, 26 Jul 1996 15:00:37 -0400
From: "Joseph S. D. Yao" <jsdy@cais.cais.com>
To: jhenders@bogon.com, rbulling@obscure.org
Cc: linux-security@tarsier.cv.nrao.edu, RDMiller@legislate.com
> From: Richard Bullington <rbulling@obscure.org>
> Can someone quote from an SMTP related RFC that specifies what should
> be in the "Received:" header? Is Smail being a bad SMTP citizen?
>From rfc822.txt:
...
received = "Received" ":" ; one per relay
["from" domain] ; sending host
["by" domain] ; receiving host
["via" atom] ; physical path
*("with" atom) ; link/mail protocol
["id" msg-id] ; receiver msg id
["for" addr-spec] ; initial form
";" date-time ; time received
...
source = [ trace ] ; net traversals
originator ; original mail
[ resent ] ; forwarded
...
trace = return ; path to sender
1*received ; receipt tags
...
[translation: source contains o p t i o n a l trace, which contains
one or more received, which is as above. not shown: source is a
required field, and fields are required. -joe yao-]
...
4.3.2. RECEIVED
A copy of this field is added by each transport service that
relays the message. The information in the field can be quite
useful for tracing transport problems.
The names of the sending and receiving hosts and time-of-
receipt may be specified. The "via" parameter may be used, to
indicate what physical mechanism the message was sent over,
such as Arpanet or Phonenet, and the "with" parameter may be
used to indicate the mail-, or connection-, level protocol
that was used, such as the SMTP mail protocol, or X.25 tran-
sport protocol.
Note: Several "with" parameters may be included, to fully
specify the set of protocols that were used.
Some transport services queue mail; the internal message iden-
tifier that is assigned to the message may be noted, using the
"id" parameter. When the sending host uses a destination
address specification that the receiving host reinterprets, by
expansion or transformation, the receiving host may wish to
record the original specification, using the "for" parameter.
For example, when a copy of mail is sent to the member of a
distribution list, this parameter may be used to record the
original address that was used to specify the list.
...
Joe Yao jsdy@cais.com - Joseph S. D. Yao