Re: "Received:" headers and mail forwarding loops

Fri, 31 Jul 2009 15:19:57 -0700 

Stefan F?rster:
> When I submit a mail to my Postfix server (using SASL auth over a TLS
> connection), Postfix adds the following received header:
> 
>  Received: from aletheia.cite.lan (33.33.33.333.dynamic.cablesurf.de
>         [33.33.33.333]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 
> bits))
>         (No client certificate requested) by mail.incertum.net (Postfix) with
>         ESMTPSA for <c...@example.net>; Fri, 31 Jul 2009 23:42:33 +0200 (CEST)
> 
> This is working as expected. If I create a new mail and forcibly
> insert the above header before I submit it, I get a NDR saying that
> there is a mail forwarding loop for c...@example.net - which is

As documented, Postfix uses Delivered-To: headers for loop detection.

Local delivery agent:
=====================
prepend_delivered_header (default: command, file, forward)
       The message delivery contexts where the Postfix local(8) delivery agent
       prepends a Delivered-To:  message header with the address that the mail
       was delivered to. This information  is  used  for  mail  delivery  loop
       detection.

       By  default,  the Postfix local delivery agent prepends a Delivered-To:
       header when forwarding mail and when delivering to file  (mailbox)  and
       command.  Turning  off the Delivered-To: header when forwarding mail is
       not recommended.

       Specify zero or more of forward, file, or command.

       Example:

       prepend_delivered_header = forward

Pipe delivery agent:
====================
       flags=BDFORXhqu.> (optional)
              Optional message processing flags.  By  default,  a  message  is
              copied unchanged.

              ...

              D      Prepend  a  "Delivered-To: recipient" message header with
                     the envelope recipient address. Note: for this  to  work,
                     the  transport_destination_recipient_limit must be 1 (see
                     SINGLE-RECIPIENT DELIVERY above for details).

                     The D flag also enforces loop detection (Postfix 2.5  and
                     later):  if  a  message  already contains a Delivered-To:
                     header with the same recipient address, then the  message
                     is  returned  as undeliverable. The address comparison is
                     case insensitive.

        Wietse

> exactly what I expected, but I'm not 100% sure how this mechanism
> works. So my question is:
> 
> Does Postfix compare both the sending host _and_ the recipient address
> in "Received:" headers? If not, with regard to "Received:" headers,
> which (if any) information is compared to detect a mail forwarding
> loop?
> 
> 
> Cheers
> Stefan
> 
>

Reply via email to