SV: Whitelist Problem -- explanation of To: versus recipient
Anders Andersson, IT
andersan at LTKALMAR.SE
Tue Aug 13 12:22:18 IST 2002
Thanks, even an fool like me understod that.
Nice to see a noon *nix explaination =)
/Anders
> -----Ursprungligt meddelande-----
> Från: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
> Skickat: den 13 augusti 2002 09:54
> Till: MAILSCANNER at JISCMAIL.AC.UK
> Ämne: Re: Whitelist Problem -- explanation of To: versus recipient
>
>
> At 03:31 13/08/2002, you wrote:
> >Is it possible for someone to illustrate the difference between the
> >"envelope sender address" versus the "From" header?
> >
> >Maybe grab a full email header, paste it into a reply to the
> list, and
> >point out which is which?
>
> The point is that the "envelope sender address" doesn't
> normally end up in
> the headers at all.
>
> > This seems like a recurring question and now
> >I'm even beginning to question my own understanding of it.
> it might even
> >be a good item for the FAQ. If I was convinced I understood
> it, I would
> >write it myself :)
>
> This looks a bit long, but it's all very simple to
> understand. Really :)
>
> Imagine a physical letter in the post to you. If they have written it
> nicely, the piece of paper in the envelope will have your
> (the recipient)
> address written on it. But the piece of paper is folded up
> and put in an
> envelope, which is made of paper so you can't see through it.
> Your address
> is written on the outside of the envelope too.
>
> The mail "Post Office" (US Postal Service, Royal Mail,
> Federal Express,
> etc) delivers the letter to your mailbox. But the last thing
> it does before
> it drops it in your mailbox is that it kindly takes the
> letter out of the
> envelope for you and throws the envelope in the trash.
>
> What you have now is the original letter, complete with your address
> written on it.
>
> But the version of your address on the letter you take from
> your mailbox is
> nothing whatsoever to do with the address used to actually
> deliver it to
> you. The (thrown away) address on the outside of the envelope
> is what was
> used to deliver it to you.
>
> In theory the copy of the address on the letter doesn't even
> need to be
> your address. Absolutely anything would do, as it isn't used
> to delivery it
> to you anyway. The only address that matters is the one on
> the outside of
> the envelope (which was thrown away for you by the "Post Office").
>
> It's exactly the same with e-mail, except that the "Post Office" is
> sendmail, Exim, postfix, etc.
>
> The same explanation applies to the return address written on
> the outside
> of the envelope. All the Post Office checks is that it is a
> valid address.
> If the letter couldn't be delivered to you, the Post Office
> tries to send
> it back to the return (From) address on the outside of the
> envelope. The
> Post Office won't actually open your letter as that is not
> allowed (not in
> many countries, anyway). If the return address on the
> envelope is someone
> else's address (i.e. not the address of the person who
> originally sent you
> the letter), then the Post Office will still deliver it to
> them, and they
> will be quite surprised to receive back a letter they never
> sent in the
> first place. This is what the Klez worm does.
>
> If you want to send a letter back to the person who sent it,
> nothing on the
> letter inside the envelope can be trusted (as explained
> above). And you
> can't even trust the return address written on the outside of
> the envelope,
> even if somehow you managed to get the envelope off the
> postwoman (also
> explained above). The only indication you have is what
> franking marks the
> Post Office added (as these tend to indicate the town it came
> from). These
> franking marks are the "Received:" headers.
>
> --
> Julian Field Teaching Systems Manager
> jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
> Tel. 023 8059 2817 University of Southampton
> Southampton SO17 1BJ
>
More information about the MailScanner
mailing list