On Mon, 3 Dec 2018, Grant Taylor wrote:
On 12/03/2018 11:53 AM, Alan Hodgson wrote:
I've been watching these for a while, and unfortunately there are a lot of
customer-service type systems that send From: addresses with quoted @domain
addresses in them. Many of them do "user@address via"
<serviceaccount@portal.domain>, but not all.
Sorry, I was talking about the SMTP envelope. The unquoted part between
angle brackets.
Are you talking about the SMTP-envelope From address or the 'Header' from
addreses?
It's possible to set those two different pieces of information to the same value
but note that they are -not- the same attribute.
Depending upon how your SA is glued into your mail system your SA may not even
have any visibility into the SMTP-envelope From address.
Under ordinary circumstances you will not see the SMTP-envelope From address in
an e-mail message.
All the parts you see following that "From: " header element in a message are
the 'Header' from.
[snip...]
So you will definitely get false positives just looking at @'s.
I was talking about only counting the @ signs in the unquoted part between
angle brackets. The <jdoe@i...@ext.example.net> in the following example.
That's the "from:addr" component of the header from address.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
