Query about missing envelope sender in quarantined mail

Jim Holland mailscanner at mango.zw
Thu May 25 14:26:11 IST 2006 

Hi Julian

On Thu, 25 May 2006, Julian Field wrote:

> > I have configured the following lines in MailScanner.conf to ensure  
> > that
> > envelope From headers are recorded:
> >
> > 	Add Envelope From Header = yes
> > 	Envelope From Header = X-%org-name%-MailScanner-From:
> > 	Quarantine Whole Message = yes
> > 	Quarantine Whole Messages As Queue Files = no
> >
> > and this works fine for mail that has been accepted for delivery.
> > However such mail in fact retains the envelope sender in any case  
> > so the above is rather redundant.  My query is how to do the same for  
> > quarantined mail, which always has a header like this:
> >
> > 	Return-Path: <.g>
> > 	Received: from . . .
> > 	From: . . .
> > 	Subject: . . .
> >
> > instead of the usual:
> >
> > 	From user at domain Thu May 25 11:49:49 2006
> 
> This line is part of mbox format, it is not part of the message. The
> separator between messages is defined as 1 blank line followed by "From
> " at the start of the next line. MailScanner is generating its
> quarantine files in RFC822 format which does not have this line at the
> top.

Thank you for the clarification.  I see now that this is the UnixFromLine
that sendmail adds when sending to files or programmes.
 
> > 	Received: from . . .
> > 	From: . . .
> > 	Subject: . . .
> >
> > There is no "From " line at the start of the header in quarantined
> > mail, and there is no MailScanner-From line to indicate the envelope
> > sender either.
> 
> That is because the quarantined mail is stored in the exact original  
> form in which it was received. Having an archive of munged mail  
> rather defeats the point.

Agreed.
 
> >   The only way to find out who sent the message is to look up the
> > message in the maillog file, which is rather tedious.  Why does the
> > first line of the header have the "From "  line replaced by
> > Return-Path with nothing useful in it?
> 
> Because that is what the spec says.
> 
> >   Can that behaviour be changed?
> 
> No, sorry.

Can we then look at the raw message format used for storing the 
quarantined mail?  It is stored with a header such as:

	Return-Path: <.g>
	Received: from . . .
	From: . . .
	Subject: . . .

In the first line, the .g is presumably the sendmail $g macro which 
represents the envelope sender.  If it were to be expanded before being 
stored in quarantine it would become the much more useful:

	Return-Path: <sender at domain>
	Received: from . . .
	From: . . .
	Subject: . . .

which does not involve any munging of the raw message.  The $g macro is
not part of the RFC822 specification (it is just a sendmail concept),
whereas the Return-Path header line is part of the RFC822 specification
and is required to be added at final delivery - which presumably includes
delivery to the quarantine folder.  "Return-Path: <.g>" is not an RFC822
compliant header as it does not "contain definitive information about the
address and route back to the message's originator".

Please look at the possibility of expanding the macro to provide a more 
informative Return-Path header line.

Regards

Jim Holland
System Administrator
MANGO - Zimbabwe's non-profit e-mail service

More information about the MailScanner mailing list