On Wed, 12 Dec 2007 09:02:33 +0100, till <[EMAIL PROTECTED]> wrote:
> On Dec 12, 2007 1:13 AM, Martin Kealey <[EMAIL PROTECTED]> wrote:
>>
>>
>> On of the problems we encounter as an ISP is the occassional customer
>> account getting hijacked and used to send spam from the webmail
> interface.
>>
>> To assist in tracking down the perpetrators, we've created a patch that
>> inserts a Received header that records information so we can track down
> the
>> compromised account. (In particular, the timestamp, source IP address
> and
>> login name.)
>>
>> The header is formatted like this:
>>
>> Received: from [ip-address] (host.domain; login=username)
>> by hostname-of-server
>> with HTTP/version ;
>> datestamp
>>
>> You might wonder "why use the Received header"; well, the simple reason
> is
>> so it can be processed the same way as any other spam report - and we
> get a
>> lot of those.
>>
>> Is this of interest to anyone else?
>
> Isn't this what people use the "X-Sender"-header for? If I remember
> correctly that would be the defacto standard - but it would "only"
> contain an IP. ;-)
>
> Regards,
> Till
Indeed, you are correct. But as I see it, the two most common practices are:
1) Using the "view source" option already available in roundcube.
2) Adding an X-report-spam header in your mail server header.
Of course given that roundcube already has the "view source" option.
Instructing your
clients to use it and copy the contents into an email to postmaster@ should
resolve
most issues. No?
Just my 2 cents worth.
> _______________________________________________
> List info: http://lists.roundcube.net/dev/
/////////////////////////////////////////////////////
Service provided by hitOmeter.NET internet messaging!
.
_______________________________________________
List info: http://lists.roundcube.net/dev/
