On Wed, Apr 27, 2011 at 10:33:58PM -0400, Michael Orlitzky wrote: > On 04/27/2011 10:27 PM, Michael Orlitzky wrote: > > There is a setting on some Barracuda appliances called "deep > > header inspection" or "deep header parsing" that does this. > > Nobody who understood it would ever turn it on. Nevertheless, > > it sounds good, right? If you put the box there, somebody will > > check it. > > I should clarify a little: the setting itself doesn't do anything > bad. However, when combined with certain blacklists (Barracuda's, > the PBL...), that setting essentially means "reject anything sent > from a house."
Right. Possibly the majority of personal mail. To Mike, the OP, I would not try to fix this problem for them, because as Noel points out, you are going to have problems with other poorly-managed sites. At one time some simple testing I did suggested that Hotmail/MSN discarded my mail which was sent without any Received: headers. Not flagged as spam; according to the user it was simply gone. My logs showed successful delivery. Deep header parsing against Spamhaus PBL and XBL is explicitly mentioned in Spamhaus FAQs[1]. They are wrong to do that, and your mail surely is not the only legitimate mail they are blocking. The more you do to work around this site's mistake, the more you are contributing to the problem. > From what I understand, the appliance makes it a little too easy > to create this situation. A Barracudist on a different mailing list once begrudgingly acknowledged this as a bug, so I suspect that 'cuda support now is telling people not to do this. Mike could suggest that the other site, if (as we suspect, is behind a 'cuda), contact support. That said, sadly, I will offer another workaround, because I understand that sometimes we who DTRT need to commmunicate with others who do not. My family uses my own SOHO Postfix for mail submission. Their connections are made via RFC 1918 IP addresses, which appear in Received: headers. The SOHO Postfix connects to the relayhost (with static IP, custom rDNS, and DNSWL whitelisting) via OpenVPN, also using RFC 1918 addresses. Multiple Received: headers, and nothing to excite the deep header parsers, until they get the idea to filter on RFC 1918 addresses. AFAIK mail is getting delivered, for now anyway. [1] http://www.spamhaus.org/faq/answers.lasso?section=Spamhaus%20XBL and the equivalent PBL page -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header
