On Thu, 30 Dec 2004, Sam Varshavchik wrote:
[EMAIL PROTECTED] writes:
(BTW, I already posted this directly to the Usenet feed at Google Groups. I probably shouldn't have done that. Sorry for the duplication.).
I'm running an older version of Courier (0.40.2) which is working great.
I have certain messages (often spam) that come in and, based upon close examination of the full headers, are clearly coming to me via BCC. But I have many, many addresses that might be the one being used in BCC. I want to know what address they're using to get to me.
Is there any way at all, based on logs or any setup I can do right now, to tell who the original BCC recipients of an incoming message were?
The message should have the Delivered-To: header, that indicates the ultimate delivery address.
That is, provided you're just having Courier deliver the mail, and not doing running some home-cooked script that screws around with the message, before delivering it.
Yes, it's just Courier (with some filtering using .mailfiter). So, delivered-to tells me nothing, though I'd hoped that would do it.
If I send a message To: [EMAIL PROTECTED] and BCC:[EMAIL PROTECTED], where [EMAIL PROTECTED] is an alias that points directly to [EMAIL PROTECTED], then I will receive the message in my mailbox, and the delivered-to header will say "[EMAIL PROTECTED]" every time--it gives me the *final* destination. But I already know the final destination: it's me, at [EMAIL PROTECTED] The fact that it got there by first coming in the door *BCC'd* to [EMAIL PROTECTED] is lost, it appears.
This is why every single one of the emails I get (and I get many) has the same delivered-to header, no matter which of the 60 or so aliases they used to get to me. And I want to know which alias of mine they are BCCing--all 60 dump into my real, regular email, but some of the aliases are not filtered for spam (that's done by Postini before the mail even arrives at our server), and I believe that's one of the ones the spammers and viruses have discovered.
In that case, you need to read the dot-courier man page to find out how to obtain the recipient information from a script.
Which I did, but when I log $RECIPIENT on the inbound message, I [EMAIL PROTECTED] Sure enough it shows me nothing but the same thing that delivered-to in the header shows, which tells me nothing in this case. It looks like the variable is set only after Courier has done all aliasing and "translation," which rings a bell from the docs.
I don't think so, but have I possibly missed another variable or way to get the BCC address? What I actually did was to log not just $RECIPIENT but to log the output of "set" so as to get my entire environment, which of course included $RECIPIENT. None of the variables in the entire environment (I see all of the Courier variables in there) shows [EMAIL PROTECTED], which was the BCC that was used.
Thanks very much for any help. I really appreciate it.
Cheers, Dan
------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
