On Sat, Oct 17, 2020 at 09:14:50PM -0700, Rich Wales wrote:
> Thanks. I was actually thinking something of the sort myself -- my
> server is indeed behind a separate firewall appliance.
>
> However, other e-mail (such as your recent reply to my inquiry) is NOT
> exhibiting this same NAT/proxy addressing problem. The relevant
> "Received:" line in my copy of your reply says the following (with line
> wrapping to make it legible in an ASCII environment):
Well, that shows that a proxy is the more likely scenario, some process
listening on a non-loopback IP that passes SMTP connections through to
127.0.0.1, or a NAT rule in your iptables...
> I'll continue searching for any possible security hole on my firewall
> appliance, though.
The firewall appliance (if a separate device) cannot make connections
appear to originate from 127.0.0.1, only something running on your
machine itself can do that. So not much point looking there.
--
Viktor.
