> In addition to whatever value it might have for Bayesian filters, it may > be useful to always add an X-From: header, so that diagnosing email > problems like my client with the forged From: header would be easier. I > had to grep through his server logs to see how the spammer bypassed the > SPF and SA tests. (SA only sees From: and SPF only uses MAIL FROM). > > I wonder if X-Rcpt-To should be similarly added. > > Has this been done before? Should it be?
Our forked stuff adds X-Envelope-Recipient and X-Envelope-Sender headers to messages, and we've found them useful. But note that we inject a separate message into the queue for each recipient, which means that every message has only one X-Envelope-Recipient header which should already be known in some way to the real recipient of the message. If you use the normal method of injecting a single message into the queue for multiple recipients, and therefore include multiple X-Envelope-Recipient headers, then you're going to wind up violating the intentions of a sender who BCC'd multiple recipients to avoid letting all the recipients in on each others' email addresses. -Jared
