Read IP Address From Received Header
Frank Cusack
fcusack at fcusack.com
Tue Dec 1 17:32:58 GMT 2009
On December 1, 2009 2:29:07 PM +0100 Glenn Steen <glenn.steen at gmail.com>
wrote:
> 2009/12/1 Frank Cusack <fcusack at fcusack.com>:
>> Last question, I hope!
>>
>> For "Read IP Address From Received Header":
>>
>> # no or 0 ==> use the SMTP client address, ie. the address of the
>> # system talking to the MailScanner server. This is
>> # the normal
>> setting.
>> # yes or 1 ==> use the first IP address contained in the first
>> # "Received:" header at the top of the email
>> # message's headers.
>>
>> Since MailScanner is not itself an SMTP server, doesn't the SMTP server
>> on the host MailScanner is running on always add a Received: header
>> before MailScanner sees the mail? How would MailScanner ever see the
>> address of the SMTP client if it is always [at least] once-removed?
>>
> IIRC (always dicey, that assumption:-), there are some situations
> where what the MTA stores in its queue files aren't reliably the last
Oh, so the queue files contain the SMTP client IP? ok that makes
sense then.
> hop, and for those cases this setting will look at the last Received:
> header to find that out. For example, it might look like:
So it seems then that 0 and 1 are equivalent, it's just that for 0
MS doesn't have to scan and parse the Received: header in the email.
Is that right?
> If you do have another MTA between "the net" and your MS box, then you
> really do need set this to 2.
>
>> it seems like I should set this value to 2? The MX host and the MS host
>> both add a Received: header.
> Why do you have it like that? BarricadeMX?
I do have another MTA in between, so thanks for the verification that
I should use "2". I only have it like that because it's difficult to
install the MS software on my MX host. Also I will note that with
this setting being fixed like that, it means backup MX hosts have to
send directly to MS and not use an intermediate hop of the primary MX.
Maybe that's remedial info for you though. :)
So now that I understand that bit, here's a problem combining that
and "bounce". The bounce action for spam says you need to whitelist
127.0.0.1 ... make sense. But since I have "Read IP Address From
Received Header" set to 2, and for bounces there will not even be
2 received headers, will that whitelist even work?
-frank
More information about the MailScanner
mailing list