Wietse Venema put forth on 3/31/2011 11:42 AM:
> Stan Hoeppner:
>> Received: from mail-iw0-f176.google.com (biz88.inmotionhosting.com
>> [66.117.14.32])
>> by greer.hardwarefreak.com (Postfix) with ESMTP id F297D6C12E
>> for <s...@hardwarefreak.com>; Thu, 31 Mar 2011 06:29:19 -0500
>>
>
> The format is:
>
> Received: from helo-hostname (verified-reverse-name [ip-address])
Thanks Wietse. So, answering my own previous question to Viktor, this
is defined in the docs in the backscatter readme, like so:
Although my email address is "wie...@porcupine.org", all my mail systems
announce themselves with the SMTP HELO command as
"hostname.porcupine.org". Thus, if returned mail has a Received: message
header like this:
Received: from porcupine.org ...
Thus one should deduce that the first hostname in the first received
line is the HELO/EHLO hostname. Not quite the direct definition I
anticipated finding in the docs, or in a location I'd have expected, but
nonetheless the information is present.
> This is also useful when setting up backscatter filters: all mail with
> a helo-hostname of "porcupine.org", "postfix.org", etc. is a forgery.
I just read (again) the backscatter page. I've never actually
implemented such measures as backscatter has never been a problem here.
I'm thinking I'll go ahead and do so as a preemptive measure..
--
Stan
