Ignoring last Received From

Alex alex at skynet-srl.com
Tue Apr 24 13:44:36 IST 2007

> Hi guys
> I'm playing with a damned configuration I can't figure how to have it 
> working.
> =============
> All the mail that comes on some servers passes on SMTP servers that 
> are behind a firewall.
> Those servers are placed in a DMZ and use Postfix with load balancing.
> Those SMTP servers decide where to send their mail on different mail 
> servers using sendmail AND Mailscanner.
> INTERNET ----->firewall----->SMTP servers ( route to 
> SMTP using MS -->Mailscanner
> If I set up a whitelist like the following
> From:    and   To: address at domain   yes
> it will never match since the headers of the received mail on the 
> Mailscanner servers look like
> Received from: <----- this is the internal IP of the last 
> passed through SMTP server
> Received from :   <---- this is the public INTERNET server who 
> sent the mail and I can't match to...
> THE SOLUTIONS I TRIED (with no success)
> =====================
> a) used the Remove Header in MS configuration, but this seems to only 
> match complete headers.
>    I cannot remove
>   Received from : 10.0.0.
> but I can remove all the Received from headers (useless for my problem)
> b) It seems I can't find an m4 macro to tell sendmail not to add the 
> Received from  header (it's so easy in Postfix)
> I don't think I'm the  only one with this problem.
> How did you guys solve this?

First of all thanks to all the guys who answered this (I discovered not 
so) simple question,

Someone suggested to change the network architecture.

This is not a choice, since not all the domains we manage have to pass 
through MS, so only specific ones are routed to the servers running MS.

Furthermore it is not a spam detection problem, so writing specific SA 
rules won't help since the spam detection works fine.

The problem only arises when I try to write a MS rule where the from IP 
address is involved, since MS seems to only consider the very last 
(indeed top-first) Received from header.

From: and From *@mydomain.com yes <--- never matches

The Header says the last server the message passed through is our DMZ 
server ( so it never matches the above From rule.

I think this damned thing may be managed in two ways:

- Instructing sendmail on the private servers to not add the Received 
from header but don't know how to do that. In Postfix this is very easy: 
write a header_check rule that simply ignores the matching header so it  
doesn't get added to the final message and BANG it works!

- Instructing MS to match the second Received from: header instead of 
the first one (?????)

I see someone else is having the same problem (may I say Welcome??)

I have searched the internet for the IP hiding problem in Sendmail 
(usually used to hide internal private IP's and names from the external) 
but I came to a lot of info (milter, voodoo and so on) but no specific 

Using procmail with formail may be a way, but it looks very complicated 
since the recipe's formail action should do a complete rewrite of the 
received from header, and to accomplish that I suspect it needs an 
external PERL/BASH/other scripting language that may lead to system 
vulnerabilities or instability.

Any ideas out there??

Thank you
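
The second option in the post (looking past the Received header that records the internal relay) comes down to the logic below. This is an added Python example, not part of the original post and not MailScanner code; the 10.0.0.0/24 relay range, the host names and the sample message are constructed assumptions.

```python
import ipaddress
import re
from email import message_from_string

# Assumption: the DMZ Postfix relays live in 10.0.0.0/24 (the post only shows "10.0.0.").
TRUSTED_RELAYS = [ipaddress.ip_network("10.0.0.0/24")]

# Constructed sample; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE = """\
Received: from dmz1.example.net (dmz1.example.net [10.0.0.5])
\tby ms1.example.net (8.13.8/8.13.8) with ESMTP id l3OCiXyz; Tue, 24 Apr 2007 13:44:33 +0100
Received: from mail.sender.example (mail.sender.example [203.0.113.25])
\tby dmz1.example.net (Postfix) with ESMTP id 1234ABCD; Tue, 24 Apr 2007 13:44:32 +0100
Received: from forged.example ([198.51.100.77])
\tby mail.sender.example with SMTP; Tue, 24 Apr 2007 13:44:30 +0100
From: someone@sender.example
To: address@mydomain.com
Subject: test

body
"""

_BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def peer_ip(received_value):
    """Return the connecting peer's IP recorded in the 'from' clause, or None."""
    from_clause = re.split(r"\sby\s", received_value, maxsplit=1)[0]
    m = _BRACKETED_IP.search(from_clause)
    if not m:
        return None
    try:
        return ipaddress.ip_address(m.group(1))
    except ValueError:
        return None

def first_external_relay(raw_message, trusted=TRUSTED_RELAYS):
    """Walk Received headers top-first, skipping hops recorded by our own relays."""
    msg = message_from_string(raw_message)
    for value in msg.get_all("Received", []):
        ip = peer_ip(value)
        if ip is None:
            return None          # unparseable hop: fail closed, do not guess
        if not any(ip in net for net in trusted):
            return ip            # first peer outside our relays; lower headers are sender-supplied
    return None                  # every recorded hop was one of our own relays
```

Only headers written by your own servers can be relied on, which is why the walk stops at the first peer outside the trusted range and never reads the sender-supplied headers below it.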

