Detecting improper Received: path

Hugo van der Kooij hvdkooij at
Sat Mar 22 12:13:20 GMT 2008

Hash: SHA1


Is there code to track the Received: headers and see if a ADSL user has
used his/her smarthost?

I see quite a bit of relaying going on like shown below:

	Received: from
( [])
~     by (Postfix) with ESMTP id 564F417E8F92
~     for <hvdkooij at>; Sat, 22 Mar 2008 04:06:55 +0100 (CET)
Received: from
( [])
~     by (Postfix) with ESMTP
~     id 597FE127B0; Fri, 21 Mar 2008 19:06:53 -0800 (PST)
Received: from ([]
~     by with esmtp (Exim 4.43)
~     id 1Jcu4J-0003zq-Si
~     for ddj-users at; Fri, 21 Mar 2008 20:06:51 -0700
Received: from [] (helo=[])
~     by with esmtp (Exim 4.44) id 1Jcu4H-0006ue-Ox
~     for ddj-users at; Fri, 21 Mar 2008 20:06:51 -0700
Message-ID: <01c88bf7$deba6680$9bf55c3b at whitneyin8>
From: "Antonio Bowden" <whitneyin8 at>
To: <ddj-users at>
Date: Sat, 22 Mar 2008 08:36:49 +0530
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1506
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506
X-Spam: Not detected
X-Spam-Score: 2.1 (++)
X-Spam-Report: Spam Filtering performed by
~     See for more details.
~     Report problems to
~     0.1 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
~     [ listed in]
~     2.0 RCVD_IN_DSBL RBL: Received via a relay in
~     [<>]
Subject: [Ddj-users] Office Enterprise 2007 ready to download
X-BeenThere: ddj-users at
X-Mailman-Version: 2.1.8
Precedence: list
List-Id: <>
List-Unsubscribe: <>,
~     <mailto:ddj-users-request at>
List-Post: <mailto:ddj-users at>
List-Help: <mailto:ddj-users-request at>
List-Subscribe: <>,
~     <mailto:ddj-users-request at>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Sender: ddj-users-bounces at
Errors-To: ddj-users-bounces at

Granted the DDJ mailinglist has about a 100% spam rate so I could just
unsubscribe and be done with it but I have some faint hopes Mike will
actually continue to support DDJ and GRIP.

But in this case it is clear that this message should propably have been
stopped by Sourceforge in the first place.

The Barracuda can do tricks like this lately by defining hosts as
trusted relays. It will then check the Received headers to see who
connected to the trusted relay. If that host would not have been allowed
to connect to the Barracuda then the Barracuda will kill the message.

While primeraly intended for your backup MX servers it also works for
mailinglist servers that you get email from.

Is there a way to do something similar in MailScanner?


- --
hvdkooij at     

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on and rate those images.

Version: GnuPG v1.4.7 (GNU/Linux)


More information about the MailScanner mailing list