>Operators of newsgroups which mirror/archive mailing
>lists, and allow posting from a web interface, are adding forged
>Received: headers before sending an email to the respective list
>server.

In what way are they forged? Do they contain addresses that don't match the 
system adding the received-line or the system it received the message from?

>In both cases the last two Received: headers in each message are
>forgeries as no SMTP transaction occurred.

Do those headers say that an SMTP transaction occurred? If they don't, what is 
forged?

I'm not sure whether you mean "last in insertion order" or "last in reading 
order" so I'll answer for both. :-)

Insertion order:

>Received: from list by plane.gmane.org with local (Exim 4.69)
>       (envelope-from <gldu-debian-use...@m.gmane.org>)
>       id 1VVzEY-0005lJ-P1
>       for debian-u...@lists.debian.org; Tue, 15 Oct 2013 09:40:02 +0200

This one says it was received locally without using SMTP. This is normal when a 
message is sent/queued by a local application.

>Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
>       (using TLSv1 with cipher AES256-SHA (256/256 bits))
>       (Client did not present a certificate)
>       by bendel.debian.org (Postfix) with ESMTPS id 7DD8CA6
>       for <debian-u...@lists.debian.org>; Tue, 15 Oct 2013 07:40:05 +0000 (UTC)

This one says that the message was received with ESMTP. Do you 
know that it wasn't?

Reading order:

>Received: from 94.79.44.98 ([94.79.44.98])
>        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
>        id 1AlnuQ-0007hv-00
>    for <debian-u...@lists.debian.org>; Sun, 13 Oct 2013 19:40:43 +0200

This one says it was received with ESMTP. Again, do you know it wasn't?

>Received: from freehck by 94.79.44.98 with local (Gmexim 0.1 (Debian))
>        id 1AlnuQ-0007hv-00
>    for <debian-u...@lists.debian.org>; Sun, 13 Oct 2013 19:40:43 +0200

This one says it was received locally without SMTP. This is perfectly normal if 
it was received from a local application, for example a web server running a 
PHP script or a gateway fetching messages from something else.

>I'm sure this violates more
>than one SMTP RFC, but I doubt Gmane will change the way they do this
>any time soon.

I don't think it does. Trace headers are useful for mail regardless of the 
protocol used for the transfers between systems/applications, and are defined 
in the Internet Mail Format RFCs (822 descendants, not sure what the current 
one is but if you start at 2822 you should be able to find it).

(Also, do the SMTP RFCs really apply when you're not using SMTP?)

Regards
/jonas
--
 Monypholite gemgas.
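
Added example, not part of the original message: a small Python parser for the four Received: values quoted above, showing what each line itself states in its from/by/with clauses and whether adjacent lines join up. The function names are made up for this example; it reports only what the headers claim, not whether the claim is true.

```python
import re

# The four Received: values quoted in the message above, unfolded to one
# string each. Addresses stay elided ("...") as the archive shows them.
QUOTED = [
    "from list by plane.gmane.org with local (Exim 4.69) "
    "(envelope-from <gldu-debian-use...@m.gmane.org>) id 1VVzEY-0005lJ-P1 "
    "for debian-u...@lists.debian.org; Tue, 15 Oct 2013 09:40:02 +0200",
    "from plane.gmane.org (plane.gmane.org [80.91.229.3]) "
    "(using TLSv1 with cipher AES256-SHA (256/256 bits)) "
    "(Client did not present a certificate) by bendel.debian.org (Postfix) "
    "with ESMTPS id 7DD8CA6 for <debian-u...@lists.debian.org>; "
    "Tue, 15 Oct 2013 07:40:05 +0000 (UTC)",
    "from 94.79.44.98 ([94.79.44.98]) by main.gmane.org with esmtp "
    "(Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 "
    "for <debian-u...@lists.debian.org>; Sun, 13 Oct 2013 19:40:43 +0200",
    "from freehck by 94.79.44.98 with local (Gmexim 0.1 (Debian)) "
    "id 1AlnuQ-0007hv-00 "
    "for <debian-u...@lists.debian.org>; Sun, 13 Oct 2013 19:40:43 +0200",
]
CLAUSE = re.compile(r"\b(from|by|with|id|for)\s+(\S+)", re.IGNORECASE)

def strip_comments(value):
    """Drop parenthesised comments; they nest, and one above contains 'with'."""
    out, depth = [], 0
    for ch in value:
        if ch == "(":
            depth += 1
        elif ch == ")" and depth:
            depth -= 1
        elif depth == 0:
            out.append(ch)
    return "".join(out)

def parse_received(value):
    """Return the from/by/with/id/for clauses and the date of one value."""
    body, sep, date = strip_comments(value).rpartition(";")
    if not sep:  # no ';' at all: treat the whole value as clauses
        body, date = date, ""
    hop = {name.lower(): token for name, token in CLAUSE.findall(body)}
    hop["date"] = date.strip()
    return hop

def claims_smtp(hop):
    """True only when the 'with' clause names SMTP or an ESMTP variant."""
    return hop.get("with", "").upper().startswith(("SMTP", "ESMTP"))

def hops_join(older, newer):
    """True when the host that wrote the older line is the newer line's 'from'."""
    return older.get("by") == newer.get("from")
```

Without the comment stripping, the Postfix line would yield "cipher" as its protocol, because "with cipher" appears inside a comment before the real with clause.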
