Re: Best Suggestion For Blacklisting Senders

Sat, 23 Jan 2010 04:22:58 -0800 

On 2010-01-22 Carlos Williams wrote:
> On Thu, Jan 21, 2010 at 2:43 PM, Brian Evans - Postfix List wrote:
>> This is a client IP not a sender, e. g. 'MAIL FROM: br...@example.com'
>>
>> The IP should go into a file referenced by a check_client_access
>> restriction.
> 
> I think I still don't have a understanding at how to properly read /
> understand message headers in order to create good filters in Postfix.
> I am very sorry for my confusion but can someone please tell me what
> the difference is between these two IP's I show in the headers. I am
> guessing one IP is the actual 'senders' IP address in which is
> initiating SMTP from using a client like Outlook / Thunderbird and the
> other IP I am guessing is the address of the senders SMTP server which
> establishes a connection with my Postfix MTA, right? Do I at least
> have this correct?
[...]
> Received: from civismtp.uas.coop (civismtp.uas.coop [67.212.170.242])
> by mail.iamghost.com (Postfix) with ESMTP id C00DB77A862 for
> <car...@iamghost.com>; Fri, 22 Jan 2010 05:29:30 -0500 (EST)
> Received: from wfmc.org (HELO www.wfmc.org) (192.220.23.216)
> (smtp-auth username editor, mechanism cram-md5) by civismtp.uas.coop
> (qpsmtpd/0.40) with ESMTPA; Fri, 22 Jan 2010 03:50:52 -0600
[...]
> There are two (2) 'Received: from' lines which both have two
> completely different IP's. One has a HELO & 'smtp-auth' username
> (editor) which I assume this line to be the client sending the
> message, not the MTA, is this correct?

No. E-Mail has a so-called store-and-forward architecture, meaning that
a mail may pass through several hops, each of which accepts and forwards
the mail to the next hop.

User-Client -> MTA -> MTA -> MTA -> MTA -> Recipient mailbox
                A      B      C      D

In every connection (->) the sending hop is the client, and the
receiving hop is the server.

Of course a user's mail client (or rather Mail User Agent, MUA) is also
a client. It depends on the context who is the client in any given
situation.

HTH

Regards
Ansgar Wiechers
-- 
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky

Reply via email to