Ben Wylie wrote: > > > Received: (from localhost [24.180.47.240]) > > > by server. (NAVGW 2.5.2.12) with SMTP id M2006060503484615455 > > > for <[EMAIL PROTECTED]>; Mon, 05 Jun 2006 03:48:47 +0100 > > > What broken-ass software is producing these received headers? "by > > server." certainly isn't too descriptive. I suppose I could write > > you a patch to fix this, but I'm not sure that it'd be included in > > the standard code base. > > NAVGW stands for Norton Antivirus for Gateways.
Yes, that certainly qualifies as broken software. I used NAVGW for a while. My server eventually got overwhelmed by incoming email and I expanded to three NAVGW servers. These also got overwhelmed. I finally gave up on them and replaced the three NAVGW servers with a single system running ClamAV, SA, and my MTA. Since this has the ability to reject unknown users before they are scanned, it is much happier and typically runs at less than 10% CPU usage. If this is your server, I would urge you to replace it for a few reasons: 1) It has no capability of rejecting unknown users. This means that every incoming email must be scanned and forwarded. During a dictionary attack, this can be a major problem. 2) Because of #1, you wind up sending delivery failure notices to lots of faked senders. This can cause you to be blocked or put on some blacklists. It also fills up your mail queue with undeliverable bounce messages. 3) It operates as a black box with very little control over the mail queue or the way it operates. 4) It generates screwed up mail headers as seen above. It's possible that they may have fixed some of this since I last used it. But even so, ClamAV is a good, free alternative. -- Bowie
