Re: [suse-security] Curious response
Thanks for the explaination Sven. I have tried altering my from address in Pine 4.44, under SuSE 8.1 pro. When I try to send the mail to suse-security@suse.com with a dummy from address in the header from, Pine gives me the following error message: Mail not sent: <keith@no.more.spam.net> Sender address rejected: Domain not found. This may be pine checking the header from, not suse-security@suse.com. So I change this header from address in Pine to: <keith@no.more.spam.co.uk> With that address, it gets past pine, but hasn't made it to this list yet! (It may bounce back soon!) Have you got an http:// address for the mailing-list FAQ please? Kind Regards - Keith On Sat, 13 Dec 2003, Sven Wahl wrote:
To: suse-security@suse.com From: Sven Wahl <x1svewah@stud.slu.se> Subject: Re: [suse-security] Curious response
snip
A2. The header from is probably what you think of as the "from"; e.g. From: foo@bar.com It is contained in DATA portion of the mail (that's the part of the mail that you, as a user, write). The envelope from is written by your mail transport agent, or MTA. That's the thing that your mail client hands the message you just wrote off to to have it delivered. An envelope is generally represented as this in the traditional mbox format: From foo@bar.com Fri Mar 1 12:59:36 2002 If you use maildirs or some other mailbox format you probably won't have that. Most MTAs copy the envelope from to the Return-Path header so you can also get it from that. This is who your MTA, in the words of RFC 822bis, says "the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message.'' The mailing list software we use (ezmlm+idx) takes the envelope from as the address to subscribe when you email LISTNAME-subscribe@suse.com. Other mailing list software might use the header from.
There are lots of good technical reasons why the envelope from is used (which you can read all about at the author's site: http://cr.yp.to/immhf.html) but a big benefit for you is that since the envelope from isn't displayed in list postings and the header from is ignored you can set your header from to be whatever you want. This means that you can use your main email address for the list and, if you munge the address, you won't need to worry about it being harvested by an an evil spammer. In other words, you are encouraged rot13, reverse, encrypt, or do whatever to your header from (*except* leave it unqualified) and it won't affect your subscription at all.
Hi again On Saturday 13 December 2003 19:42, Keith Roberts wrote:
I have tried altering my from address in Pine 4.44, under SuSE 8.1 pro.
When I try to send the mail to suse-security@suse.com with a dummy from address in the header from, Pine gives me the following error message:
Mail not sent: <keith@no.more.spam.net>
Sender address rejected:
Domain not found.
This may be pine checking the header from, not suse-security@suse.com.
Yes, I think so too. The reason for this is probably that pine uses the from address you specified also as envelope sender address. Therefore, it checks if the domain part of the address exists.
So I change this header from address in Pine to:
<keith@no.more.spam.co.uk>
With that address, it gets past pine, but hasn't made it to this list yet! (It may bounce back soon!)
I have the same problem with KMail. KMail doesn't check the address I enter in the From-field and delivers it to the SMTP server I use. But the mail disappears in the nirvana of the internet :-) I don't think that you will get a bounce-back. Ezmlm will try to reach you at keith@no.more.spam.co.uk, but since that is a fake address, you will not see this mail again either. The problem seems to be, that all (common) mail user agents create the envelope sender address using the from address. I googled a bit to find a solution to this. The only evidence I found is that it is possible to configure the sending mail server (e.g., running postfix) in a way that it rewrites the mail headers.
Have you got an http:// address for the mailing-list FAQ please?
As far as I know, the list ``test-list@suse.com'' is not archived. It is only used for test purposes by whoever wants to test something. I subscribed today when I was puzzling around with KMail and got the FAQ by sending a message to test-list-help@suse.com. The FAQ contains only one more question than the one I already sent you earlier today, so I will just paste it in here: FAQ - Frequently asked questions of the test-list@suse.com list. (Well, OK. A test list really doesn't have frequently asked questions but people who have trouble subscribing to mailing lists do) Q1. I subscribed using the web interface on your web site and receive list mail fine but everytime I try to post it bounces back with a nasty message about only letting subscribers post. Your system is broken. A1. Most likely your problem is that your envelope from and header from do not match. You need to contact me (ml-admin@suse.com) and ask to have your subscription address changed. Make sure you state what address you are currently subscribed as. If you don't remember what address you subscribed as please forward (don't bounce it) *all* of the headers from from one the messages you've received. You can also just subscribe the correct address by emailing listname-subscribe@suse.com and following the instructions. Of course, you will then be subscribed twice and receive all list traffic twice--just email the custom address located in the List-Unsubscribe header in a posting delivered to the incoreect address. Q2. Envelope from? Header from? All I want to do is post a message to one of your mailing lists! Why is this so complicated? I don't have trouble subscribing to other mailinglists. A2. The header from is probably what you think of as the "from"; e.g. From: foo@bar.com It is contained in DATA portion of the mail (that's the part of the mail that you, as a user, write). The envelope from is written by your mail transport agent, or MTA. That's the thing that your mail client hands the message you just wrote off to to have it delivered. An envelope is generally represented as this in the traditional mbox format: From foo@bar.com Fri Mar 1 12:59:36 2002 If you use maildirs or some other mailbox format you probably won't have that. Most MTAs copy the envelope from to the Return-Path header so you can also get it from that. This is who your MTA, in the words of RFC 822bis, says "the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message.'' The mailing list software we use (ezmlm+idx) takes the envelope from as the address to subscribe when you email LISTNAME-subscribe@suse.com. Other mailing list software might use the header from. There are lots of good technical reasons why the envelope from is used (which you can read all about at the author's site: http://cr.yp.to/immhf.html) but a big benefit for you is that since the envelope from isn't displayed in list postings and the header from is ignored you can set your header from to be whatever you want. This means that you can use your main email address for the list and, if you munge the address, you won't need to worry about it being harvested by an an evil spammer. In other words, you are encouraged rot13, reverse, encrypt, or do whatever to your header from (*except* leave it unqualified) and it won't affect your subscription at all.
Not security-related...
The problem seems to be, that all (common) mail user agents create the envelope sender address using the from address.
That would depend on the delivery method. As no envelope sender can be configured in kmail for SMTP delivery method, there's no choice but to use From:. For delivery method "sendmail", the envelope sender is determined by the local MTA and would by default be $USER@<local host name>. You must change this with yast (variable FROM_HEADER in /etc/sysconfig/mail), because no-one will receive mail from you when you call yourself $USER@linux.local, you need to call yourself $USER@$FROM_HEADER, and $FROM_HEADER must be a domain which resolves (e.g. your ISP's, but make sure $USER@$FROM_HEADER isn't someone else's address!!). It is not very difficult to configure a local MTA for sending mail, and you can configure that to deliver directly, or relaying via your ISP. You can specify a delivery program in kmail and use argument -f, if you can't use arguments there use a wrapper script. For sendmail, you'll also have to add yourself to the trusted users list, or sendmail adds a warning header line to each mail. You can also use header rewriting in your local MTA, but postfix's is rather limited and I couldn't get it to do what I wanted, so stayed with sendmail. Volker -- Volker Kuhlmann is possibly list0570 with the domain in header http://volker.dnsalias.net/ Please do not CC list postings to me.
Hello Volker Thanks for your comments! On Sunday 14 December 2003 01:32, Volker Kuhlmann wrote:
The problem seems to be, that all (common) mail user agents create the envelope sender address using the from address.
That would depend on the delivery method. As no envelope sender can be configured in kmail for SMTP delivery method, there's no choice but to use From:.
Do you know any mail user agent where one can configure the envelope and header from individually?
It is not very difficult to configure a local MTA for sending mail, and you can configure that to deliver directly, or relaying via your ISP.
Well, that might be true. But I'm not that far with Linux that I would dare to try that. That's why I'm rather looking for a solution on the mail user agent level. /Sven
participants (3)
-
Keith Roberts -
Sven Wahl -
Volker Kuhlmann