Thank you John That was very clear and I now understand much better what is happening I guess I will read up and start some more aggressive spam filtering by switching on more stuff in SA-Exim
and you were right it is "envelope to" Thanks again Hill Ruyter ----- Original Message ----- From: "John W. Baxter" <[EMAIL PROTECTED]> To: "Exim Mailing List" <[email protected]> Sent: Thursday, November 16, 2006 9:49 PM Subject: Re: [exim] Not sure how to block this spam ? > On 11/16/06 11:21 AM, "Hill Ruyter" <[EMAIL PROTECTED]> wrote: > >> I am receiving spam to one of my email domains now that does not have my >> address in the TO or CC headers which I thought should not work as the >> server only delivers to addresses that are configured. >> >> When I look at the headers there is a field called "envelope for" which >> contains the address to which it is delivered >> >> I am sure it must be easy to stop this but I am a little lost >> which document will best explain what I should do ? >> >> Will this be in ACLs somewhere or the router ? > > Unless you go to special trouble, the To: and Cc: headers are meaningless > for the purpose of getting the messages into your mailbox. > > Messages are delivered based on their envelope addresses (I'm a bit > surprised you found "Envelope for:" rather than "Envelope to:" In the > SMTP > conversation, the addresses come in in the RCPT TO: commands. Exim makes > them available as $local_part, and $domain (but not after that part of the > SMTP conversation is finished...that is not after the DATA command, and if > told to puts them into Envelope To: (at the last moment, when it knows > there > is only one recipient being considered, so it is OK to reveal that > recipient). > > That's a summary, look in the spec at 11.9 (for the variables) and various > other places. > > If you elect to block because the visible addressee headers don't contain > some address, you prevent that address from receiving mail from > 1. most mailing lists, > 2. friends who for one reason or another include the address in Bcc: to > hide it from other recipients. (The Bcc: header is an odd duck in that > addressees who are in the Bcc: header as the message was prepared may see > 1. nothing related to it (probably the most common case) > 2. a reduced Bcc: header containing only their address > 3. the full Bcc: header. > Those who are in the To: and Cc: headers should remain unaware of the Bcc > addresses. > > Why three possibilities? My guess is that it was a political thing during > RFC production. ("My way is clearly right, and I'll vote against if it > isn't allowed.") > > --John > > > > > > > -- > ## List details at http://www.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://www.exim.org/eximwiki/ > -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
