Return Email Information

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Return Email Information

Eric Sherwood
Hello, all.

While working on my mail server (Postfix+Procmail), I noticed that bounced
mail returned from my server doesn't include IP address information. For
example, if I send a message from an outside domain to my server, to an
non-existent mailbox (in this case, [hidden email]), I get the
following in return:

==========
Subject: Test #2
From: Eric Sherwood <[hidden email]>
To: "[hidden email]" <[hidden email]>
Date: 2008/06/26 9:36 am

** REAL REPLICA WATCHES**
==========

This is sent as an attachment (message.eml), which is ok, I guess. But what
I'd like it to do is include the originating IP address for the message.
That's because, if someone was spoofing my outside mailbox
([hidden email]), I would receive the email with the REAL IP address of
the source. That would allow me to notify the proper people to report SPAM.

This came up because someone just spoofed the heck out of one of my
mailboxes and there's not a lot I can do about it. I've been going through
all these bounces and reporting them to the proper people, but not all of
them have IP addresses listed, so I don't know the source IP address to
report.

Regards,
Eric Sherwood
Reply | Threaded
Open this post in threaded view
|

Re: Return Email Information

mouss-2
Eric Sherwood wrote:
> Hello, all.
>
> While working on my mail server (Postfix+Procmail), I noticed that bounced
> mail returned from my server doesn't include IP address information. For
> example, if I send a message from an outside domain to my server, to an
> non-existent mailbox (in this case, [hidden email]), I get the
> following in return:
>  

a correctly configured postfix won't bounce. it will reject. or is this
a submission case? please describe the full mail path (from your MUA to
postfix, including any intermediary MTAs).

> ==========
> Subject: Test #2
> From: Eric Sherwood <[hidden email]>
> To: "[hidden email]" <[hidden email]>
> Date: 2008/06/26 9:36 am
>
> ** REAL REPLICA WATCHES**
> ==========
>  

If this is all you got, then it's not postfix.
> This is sent as an attachment (message.eml), which is ok, I guess. But what
> I'd like it to do is include the originating IP address for the message.
>  

you should learn to read email headers to see who says what. if you want
help, show the full message (unalatered header and body).

> That's because, if someone was spoofing my outside mailbox
> ([hidden email]), I would receive the email with the REAL IP address of
> the source. That would allow me to notify the proper people to report SPAM.
>
> This came up because someone just spoofed the heck out of one of my
> mailboxes and there's not a lot I can do about it. I've been going through
> all these bounces and reporting them to the proper people, but not all of
> them have IP addresses listed, so I don't know the source IP address to
> report.
>
> Regards,
> Eric Sherwood
>