> >> How can this happen?
> > 
> > *Any* header can be forged.    :^)
> Ok, but I'm not clear on one thing.  qmail+vpopmail is going to route
> locally based on the to field of the incoming message, right?  So you are
> saying this message was forged locally, meaning a hacked server?

The envelope recipient ("RCPT TO:") is what qmail mostly cares about.
The normal message headers are fluffy bits of superfluous information
that could help it detect a mail loop.

Your message appears to have had a "To:" header of "[EMAIL PROTECTED]"
(forged) and an envelope recipient of "[EMAIL PROTECTED]" (not forged)
or maybe even some other address that aliases itself to kurt.

> Curiously your off-list reply cased my server to generate this message:
>     message is looping /var/vpopmail/domains/breathsense.com/kkb/Maildir/

Why would your server bounce it in the first place?  Fix that!

Eric Ziegast

Reply via email to