Wietse Venema:
> Steve:
> > It is easy enough to reproduce. Just build a header filter like this;
> > (put aside the fact this is going to catch a shed load of legit mail)
> >
> > /^Received: from.*(cmodem|dhcp|adsl|broadband|dynamic)/ REJECT dynamic
> > host in headers
>
> This matches Received: headers.
>
> > This mail;
> > Subject: UCE: 86.140.171.207
> > From: <munged>
> > Reply-To: zen158...@zen.co.uk
> > To: ab...@btbroadband.com
> > [other text omitted]
>
> Contains no Received: header.
>
> > In the logs; tripped on the header filter;
> > Jun 12 11:01:58 mail4 postfix/cleanup[1419]: B9F16AC09D: reject: header
> > Received: from [192.168.1.xx] (xx [192.168.1.xx])??by mail4.xx.co.uk
> > (xx) with ESMTPA id B9F16AC09D??for <ab...@btbroadband.com>; Fri, 12 Jun
> > 2009 11:01:58 +0100 (BST) from mail4[192.168.1.xx];
> > from=<mung...@munged.co.uk> to=<ab...@btbroadband.com> proto=ESMTP
> > helo=<[192.168.1.xx]>: 5.7.1 dynamic host in headers
>
> This Received: header was prepended by Postfix itself.
>
> Observe:
>
> - The logfile record has time stamp "Jun 12 11:01:58".
>
> - The Received: header has time stamp "Fri, 12 Jun 2009 11:01:58".
And:
- The logfile record has B9F16AC09D as the queue ID.
- The Received: header has "id B9F16AC09D...".
It really was the header prepended by Postfix.
Wietse
