On Sat, August 9, 2008 01:38, John Andersen wrote:
On Fri, Aug 8, 2008 at 4:29 PM, Greg Freemyer
wrote: The trouble is with the mailinglist forwarding the address, google does not have enough information to know where the email originated.
That's just not true Greg.
Using headers in your own posting to opensuse:
------begin excertp --- Received: by an-out-0708.google.com with SMTP id b33so191332ana.112 for
; Fri, 08 Aug 2008 16:29:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=+At/E0R+WGDJuOyD/nTbeuVBapWCrGc1HPv021wBVog=; b=q1gFa2CY5pMhRhX5cQGGTxv8+lHUUqw2H3MG4dXm6A3ufOmEp9m1NV8aDog281jLwe x1kiCfaftKKblyZjgPnhZq8Az8MMzt4iTxNcmcF/BUIgtrrduDsuzquE5sFOga7daF7w dEUtPlJoNi9/O8gmwUZBawaeB271yTlNAAMKc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=u59WjuD61Z8iDbQDYe99BZCeOgsXovStFPoFn70jRgQThYGXF7F+x7qx8v0OKNjlsE qaHAilalYW06V96refQW2T+ojtg/yjgAEz2jRHuMtfq5nY+3eLxwzKTuHvaGFwq/jEn1 vggJBDQYYhzKd2AmoI7NgVSlnXLpRKif4xhfk= ---- end excerpt
Plenty of evidence here that the mail came from gmail.
True.
If the gmail didn't see its own tracks in the first few "received" headers it could assume that mail purporting to be FROM gmail was forged and could have alerted Alexey to that fact.
Not true. The evidence doesn work that way. I don't know how I can explain. I'll try. Troll sends forged email to opensuse. Opensuse accepts the forged email. Opensuse forwards the email. list4.suse.de opens an SMTP connection on port 25 to gmail-smtp-in.l.google.com list4.suse.de says: HELO list4.suse.de list4.suse.de says: MAIL FROM: opensuse@opensuse.org gmail-smtp-in.l.google.com checks if opensuse.org uses SPF. Too bad it doesn't now we don't know if this email is forged. Let's treat it like a neutral email. list4.suse.de says: RCPT TO: jsamyth@gmail.com gmail-smtp thinks, OK, I know that user, you may continue. list4.suse.de says: DATA This is followed by a blob of data that could be anything. At this point, the SMTP session really doesn't care. As long as it is structured as an RFC2822, it could be anything. gmail-smtp accepts the data. list4.suse.de says goodbye and breaks the connection. At this point, Gmail is responsible for the mail. It's too late to refuse the email. Its only options left are delivery or dropping the email. Now gmail starts scanning the email, to find out if it is spam. When Gmail does not find its own SPF evidence in an email with a gmail-from, this does not mean forgery! It is possible that a legitimate user is sending email with his Thunderbird configured with the gmail addres as the sender address. This happens a lot with popular email services like Gmail, so they cannot treat those emails as suspicious. OTOH, companies with strict IT policies can reject every email with one of their addresses in the from but not sent from one of the company mailservers, if they enforce a policy that forbids emplyees to configure their work email accounts in their home internet connections, or forces them to use a VPN to the company mail server to send company mail. -- Amedee -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org