|
Posted by * * Chas on April 20, 2006, 11:07 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> "* * Chas" to "Beauregard T. Shagnasty":
>
> <<snip>>
> > Good link, thanks for the response.
>
> Well, it may have seemed good to you, BUT it was not actually very
helpful, as
> it hasn't helped you actually understand what is going on...
>
> > I've just been attributing the problem to faulty servers that let
> > misaddresed messages slip through.
>
> Nope -- all the servers in the delivery chain are (pretty much) just
> doing what the RFCs require them to do so SMTP Email works.
>
> > In looking at the properties of the offending messages, via OE,
> > MailWasher Pro, Thunderbird and my web mail sites, I've found that
my
> > address sometimes shows up in the cc section but I haven't seen any
BCC
> > section of these messages. Does this portion get stripped off of the
> > message?
>
> Look, BCC is a red-herring, both here and in the other fork of this
thread.
> The RFCs _are_ the place to go to work out what is really happening,
but the
> poster who sent you to look at the RFCs sent you to the wrong place...
>
> RFC 2822 section 3.6.7, and especially its discussion of the
"Return-Path:"
> field, is the only stuff of great relevance in RFC 2822. More
important is
> RFC 2821 as that deals with the mechanics of message _delivery_.
(Note that,
> depending on your mail client, you may not even be able to display the
_full_
> headers as described in RFC 2822. Also note that, depending on your
Email
> client or even server, you may not see a "Return-Path:" header but
instead a
> "From " header and in the past (I don't recall the MUA but think it
was on a
> VAX running VMS) I once even saw "Received-From:" instead of
"Return-Path:".)
>
> Anyway, the reason "your" spam is arriving despite apparently not
having your
> address in any of the (obvious) addressing headers is because of the
way that
> RFC 2821 defines delivery of SMTP Email. If you don't want to read
the whole
> RFC (probably advisable!) start with section 3.3 and pay special
attention to
> the relationship between the "MAIL FROM:" and "RCPT TO:" command and
the
> _actual message including all its standard, invariant (sending
MUA-specified)
> headers_. (A hint: the latter are all contained within the "DATA"
part of the
> transmission and thus have a _purely arbitrary_ relationship with the
"MAIL
> FROM:" and "RCPT TO:" delivery protocol commands.)
>
> This feature is what allows various kinds of spoofing, allows for BCC
> functionality, makes running mailing lists and such much easier, and
probably
> many other good features.
>
> I hope this helps...
> --
> Nick FitzGerald
>
Thanks Nick,
I've been trying to understand how Email works to see if there is
anything that I could do to stop the flow of junk before it gets
downloaded. MY ISPs are no help.
I avoided using BCC myself after several people I know sent out
confidential business information to unauthorized recipients. Very
embarrassing for all involved.
I use older versions of AOL for my spam catcher Email. I have all the
people who send me large junk files (jokes, pictures etc.) use one of my
AOL addresses. I can delete them w/o having to DL the messages and I
periodically delete the accounts and set up new ones.
Chas.
| 
XML site map