[imp] RFC 822 - Security hole???

G G Papazoglou grp at med.uoc.gr
Sat Jan 11 02:27:54 PST 2003


Hi. I use IMP with a mail server on a different machine.
I have sent a mail using a dial-up connection. So, when I examined the
RFC-822 header generated, I was surprised to see that the whole course
of the message is recorded! It shows the initial IP of the dial-up
connection (which of course could be a static IP), then the IP of the
mail server, and then the IP of the server hosting IMP...This is
really unwanted behavior. Can I prevent this from happening?

See what exactly this header is:

X-Apparently-To: recipient at yahoo.com via 66.218.78.20; 04 Jan 2003 15:52:39 -0800 (PST)
Return-Path: <sender at mydomain.com>
Received: from 1.2.3.4 (EHLO mail.mydomain.com) (1.2.3.4) by mta157.mail.scd.yahoo.com with SMTP; 04 Jan 2003 15:52:38 -0800 (PST)
Received: from localhost (webmail.mydomain.com [5.6.7.8]) by
mail.mydomain.com (8.12.7/8.12.7) with ESMTP id h056qYZ7011789; Sun, 5 Jan 2003 01:52:34 -0500 (EST)
Received: from 9.10.11.12 ( [9.10.11.12]) as user sender at 1.2.3.4 by
webmail at mydomain.com with HTTP; Sun, 5 Jan 2003 01:54:53 +0200
Message-ID: <1041724493.3e17744ddb43d at webmail.mydomain.com>
Ημερομηνία: Sun, 5 Jan 2003 01:54:53 +0200 
Από: "Sender name" <sender at mydomain.com>
Προς : recipient at yahoo.com
Θέμα: test
MIME-Version: 1.0 
Content-Type: text/plain; charset=ISO-8859-7 
Content-Transfer-Encoding: 8bit 
User-Agent: Internet Messaging Program (IMP) 3.1
X-Originating-IP: 9.10.11.12
X-MailScanner: Found to be clean 
Content-Length: 148 



Thanks,
Greg



More information about the imp mailing list