[PATCH] Fix code extracting the MTA from Received: headers

Dirk Hohndel hohndel at infradead.org
Tue Apr 13 11:06:12 PDT 2010


On Tue, 13 Apr 2010 10:37:49 -0700, Carl Worth <cworth at cworth.org> wrote:
> On Thu, 08 Apr 2010 08:07:48 -0700, Dirk Hohndel <hohndel at infradead.org> wrote:
> > Right now my plan is to do something like this:
> > 
> > 1) look for my email address in To/Cc
> > 2) look for my email in "for <email at add.res>" in Received headers
> > 3) look for my email in X-Original-To
> > 4) look for the domain of my email in Received headers (not just 1st)
> > 5) punt and use default email address
> > 
> > Does that sound sane?
> 
> It sounds sane.

Good.
 
> > (and thanks for sending the headers - this really helps... can others
> > for whom the current code or the logic mentioned above wouldn't work
> > send their headers, too, please?)
> 
> I started using fetchmail many years ago and have never really needed to
> switch. So I'm still using that, (but don't necessarily recommend it to
> anyone).
> 
> It seems to break the above since it delivers mail locally, so the first
> headers I get are:
> 
> 	X-Original-To: cworth at localhost

Easy to detect. I'll add that as an exclusion.

> 	Delivered-To: cworth at localhost
> 	Received: from yoom.home.cworth.org (yoom.home.cworth.org [127.0.0.1])
> 		by yoom.home.cworth.org (Postfix) with ESMTP id D391B5883A6
> 		for <cworth at localhost>; Mon, 12 Apr 2010 09:11:18 -0700 (PDT)
> 	MIME-Version: 1.0
> 	Received: from 10.22.226.213 [10.22.226.213]
> 		by yoom.home.cworth.org with IMAP (fetchmail-6.3.16)
> 		for <cworth at localhost> (single-drop); Mon, 12 Apr 2010 09:11:18 -0700 (PDT)

AHHHHHHHH
(he runs screaming out of the room)

> And none of these are useful for your detection. Worse, the presence of
> "cworth.org" in the above might throw your detection off before it could
> find something useful like "intel.com" in a later Received header.

I have some choice words for these headers...
And an idea how to exclude these false positives as well... It's kind of
a hack, but I'm thinking that in order for the "Received: ... by ..."
part to be truly relevant to us, the from host should have a non-private
IP address. 

Yes, I can envision within-your-own-network cases where none of the
systems have a non-private email address... but then hopefully your last
hop is correct... if not - your setup is even more screwed up than Carl's.

> I'll send a complete message with full headers to you separately.

Thanks
 
> Perhaps I can just switch programs to transfer email and avoid this
> problem. Anyone have a recommendation for something to transfer mail
> from an imap server to the local machine, (but *not* leaving it stored
> on the imap server)[*]. I don't think offlineimap supports this mode
> does it?

Don't think so. I'm not going to comment on the usefulness of this mode
in public :-)

/D

-- 
Dirk Hohndel
Intel Open Source Technology Center
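
The lookup order and the two exclusions discussed in this thread (local-delivery addresses, and Received headers whose from host has a private IP), sketched in Python as an added example; it is not notmuch's code or the patch under discussion. The function names, the sample message with its .example addresses, and the definition of "private" as RFC 1918 plus loopback are assumptions.

```python
import email, email.utils, ipaddress, re
# "Private" = RFC 1918 plus loopback: an assumption, the thread does not define it.
PRIVATE = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def from_host_is_public(received):
    """True if the 'from' part of a Received value shows a non-private [IP]."""
    head = re.split(r"\sby\s", received, maxsplit=1)[0]
    m = re.search(r"\[([0-9A-Fa-f:.]+)\]", head)
    try:
        ip = ipaddress.ip_address(m.group(1)) if m else None
    except ValueError:
        return False
    return ip is not None and not any(ip in net for net in PRIVATE)

# Hypothetical helper: apply steps 1-5 in order and return one address.
def guess_recipient(raw, mine, default):
    msg = email.message_from_string(raw)
    mine = [a.lower() for a in mine]
    received = msg.get_all("Received", [])
    # Steps 1-3: To/Cc, then "for <addr>" in Received, then X-Original-To
    rcpts = msg.get_all("To", []) + msg.get_all("Cc", [])
    candidates = [addr for _, addr in email.utils.getaddresses(rcpts)]
    for r in received:
        candidates += re.findall(r"\bfor\s+<([^>]+)>", r)
    candidates += msg.get_all("X-Original-To", [])
    for c in (c.strip().lower() for c in candidates):
        if c in mine and not c.endswith("@localhost"):  # localhost exclusion
            return c
    # Step 4: my domain in the "by" host, only where the from host is public
    for r in received:
        by = re.search(r"\sby\s+(\S+)", r)
        if by and from_host_is_public(r):
            host = by.group(1).lower()
            for a in mine:
                dom = a.split("@", 1)[1]
                if host == dom or host.endswith("." + dom):
                    return a
    return default  # Step 5: punt

SAMPLE = (  # constructed message modelled on the fetchmail headers quoted above
    "X-Original-To: carl@localhost\n"
    "Received: from yoom.home.example (yoom.home.example [127.0.0.1])\n"
    "\tby yoom.home.example (Postfix) with ESMTP for <carl@localhost>\n"
    "Received: from 10.22.226.213 [10.22.226.213]\n"
    "\tby yoom.home.example with IMAP for <carl@localhost>\n"
    "Received: from relay.example.net (relay.example.net [203.0.113.7])\n"
    "\tby mx.work.example with ESMTP\n"
    "To: list@lists.example.org\n\nbody\n")
```

With `mine = ["carl@home.example", "carl@work.example"]`, the two fetchmail hops are skipped because their from hosts are loopback and 10.x, so the later hop at `mx.work.example` decides the result instead of the local `home.example` host.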

