Julian Mehnle writes:
Hi Sam,
how is Courier's "Received:" header format specified? I do know the general "Received:" header format; I am especially interested in the second "from" comment field:
| Received: from nova (p549A64A3.dip.t-dialin.net [::ffff:84.154.100.163]) | (AUTH: LOGIN [EMAIL PROTECTED], TLS: TLSv1/SSLv3,128bits,RC4-MD5) | by io.link-m.de with esmtp; Mon, 31 Jan 2005 16:34:13 +0100 | id 00007D14.41FE4FF6.00006F9C
Here, it is "AUTH: LOGIN [EMAIL PROTECTED], TLS: TLSv1/SSLv3,128bits,RC4-MD5". But what's the general format? What assumptions can I make when trying to parse the "AUTH" part?
There are a couple of other things that can appear there, but there's not much else.
"LOGIN" is the SASL authentication method used to authenticate. You could also see CRAM-MD5, and a few other things in there, if you enabled those.
TLS: indicates the STARTTLS. If you enabled SMTP over SSL on port 465 you'll see SSL: instead of TLS:.
The only other thing you can get in there is "IDENT: foo", if Courier received a response to the identd query on the source IP address.
IDENT: would appear before AUTH:, if both are present.
pgpZp2LXrQjWo.pgp
Description: PGP signature
