On Wed, 2 Mar 2005, Justin Mason wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> It's OK to have a dyn IP as the source, alright, as long as it
> doesn't HELO using that hostname. That's what HELO_DYNAMIC_*
> matches, as it's a very strong spam signature.
>
> > Received: from h00c04f2d101a.ne.client2.attbi.com
> > (h00c04f2d101a.ne.client2.attbi.com [66.30.139.164])
> > by webmail.grad.brandeis.edu (IMP) with HTTP
>
> So IMP is doing this now? argh, bad decision...
>
> - --j.
NO! NO!, Read the headers!
Note the "with HTTP" as the protocol.
That's somebody on a cable modem using a web browser, connecting to
a HORDE-IMP webmail server. So the webmail server is doing the
actual sending of the SMTP part, but it is adding that additonal
'Received:' header to expose the original source of the actual message,
namely the user operating the broswer.
It's a cute idea, extending the concept of the 'Received:' chain,
but causes confusion for things such as SA who don't note the 'with HTTP'
part. ;)
Dave (who also has a HORDE-IMP webmail server at our site.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
