Lately I've been getting a lot of spam that's addressed to someone other
than me, or has no "To" line at all. I'm not CCed or BCCed, I can't find
my e-mail address anywhere in the header.
How? How can I receive that mail if there's nothing in there that says
I'm the one that should receive it?
--
"Will we be suturing the anus?"
glhansen@steel.ucs.indiana.edu (Gregory L. Hansen) writes:
> How? How can I receive that mail if there's nothing in there that says
> I'm the one that should receive it?
There is a difference between the header "To" content and the
"envelope" destination, as expressed to your receiving mail transport
during the protocol.
Think of it this way: You get magazines in the mail. They contain no
content between the covers which addresses them to you. In fact,
there are letters to the editor in most magazines that are unrelated
to you personally. But there's a mailing label on the outside that
makes the postal system get it to you.
The same idea happens in email, which is most obvious in mailing lists
(you're not listed in the To there, either; they're like magazines)
and spam. The headers can say anything they want; what gets the mail
to you is what the sending mail transport asked for during mail
transfer protocol to your receiving mail transport.
In article
Karl Kleinpaste
>glhansen@steel.ucs.indiana.edu (Gregory L. Hansen) writes:
>> How? How can I receive that mail if there's nothing in there that says
>> I'm the one that should receive it?
>
>There is a difference between the header "To" content and the
>"envelope" destination, as expressed to your receiving mail transport
>during the protocol.
>
>Think of it this way: You get magazines in the mail. They contain no
>content between the covers which addresses them to you. In fact,
>there are letters to the editor in most magazines that are unrelated
>to you personally. But there's a mailing label on the outside that
>makes the postal system get it to you.
>
>The same idea happens in email, which is most obvious in mailing lists
>(you're not listed in the To there, either; they're like magazines)
>and spam. The headers can say anything they want; what gets the mail
>to you is what the sending mail transport asked for during mail
>transfer protocol to your receiving mail transport.
Oh. I didn't realize the header information was so... optional.
--
Irony: "Small businesses want relief from the flood of spam clogging their
in-boxes, but they fear a proposed national 'Do Not Spam' registry will
make it impossible to use e-mail as a marketing tool."
http://www.bizjournals.com/houston/stories/2003/11/10/newsco lumn6.html
In article
Gregory L. Hansen
> Lately I've been getting a lot of spam that's addressed to someone other
> than me, or has no "To" line at all. I'm not CCed or BCCed, I can't find
> my e-mail address anywhere in the header.
How do you know your address wasn't in the BCC header when the spam
was sent? If a mail user agent inserts a BCC header then the mail
transport agent will, if instructed, read addresses from it and then
remove it. The spam was most likely sent by a spam application and the
spam most likely never contained a BCC or CC in the first place.
--
Göran Larsson http://www.mitt-eget.com/
In article
>In article
>Gregory L. Hansen
>
>> Lately I've been getting a lot of spam that's addressed to someone other
>> than me, or has no "To" line at all. I'm not CCed or BCCed, I can't find
>> my e-mail address anywhere in the header.
>
>How do you know your address wasn't in the BCC header when the spam
>was sent? If a mail user agent inserts a BCC header then the mail
>transport agent will, if instructed, read addresses from it and then
>remove it. The spam was most likely sent by a spam application and the
>spam most likely never contained a BCC or CC in the first place.
I just assumed the header information stays intact.
--
"In any case, don't stress too much--cortisol inhibits muscular
hypertrophy. " -- Eric Dodd
hoh@invalid.invalid (Goran Larsson) wrote in
news:ICH92A.AAp@approve.se:
>...
> If a mail user agent inserts a BCC header then
> the mail transport agent will, if instructed, read addresses
> from it and then remove it.
Where did you get that idea? No RFC compliant MTA will do either
thing.
In article
says...
> Lately I've been getting a lot of spam that's addressed to someone other
> than me, or has no "To" line at all. I'm not CCed or BCCed, I can't find
> my e-mail address anywhere in the header.
> How? How can I receive that mail if there's nothing in there that says
> I'm the one that should receive it?
Email is delivered to the address in the SMTP "RCPT TO:" command. There is
no requirement that this "RCPT TO:" email address be shown in the headers of
the message as delivered to the recipient. Some, but not all, email
providers add a line like "X-Delivered-To:
adds "X-Apparently-To:
Mail Delivery Agent (MDA) to add that header line, though.
Here is a transcript of the actual SMTP process to send an email:
> 220-aosake.net ESMTP server ready.
> 220-No unauthorized relaying, or spam is allowed.
> 220 No legal obligation of acceptance by aosake.net exists.
> HELO Nobody.com
> 250 aosake.net Hello, Nobody.com.
> MAIL FROM
> RCPT TO:
> 250 Recipient OK - send RCPT or DATA.
That is the only critical part of the session. The next line will be "DATA"
(unless additional recipients are to be designated; but "DATA" will always
be the next SMTP command after the last recipient is designated), followed
by the message, including any "From:", "To:", or "Cc:" email addresses, but
not including any indication of a "BCC:" delivery. But there is no
requirement that the "To:", or the "Cc:" must match the "RCPT TO:"; nor that
the "RCPT TO:", or "BCC:" email addresses be included in the message
headers.
--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
In article
NormanM <2003SBC21.spam@aosake.net> wrote:
>In article
>says...
>
>> Lately I've been getting a lot of spam that's addressed to someone other
>> than me, or has no "To" line at all. I'm not CCed or BCCed, I can't find
>> my e-mail address anywhere in the header.
>
>> How? How can I receive that mail if there's nothing in there that says
>> I'm the one that should receive it?
>
>Email is delivered to the address in the SMTP "RCPT TO:" command. There is
>no requirement that this "RCPT TO:" email address be shown in the headers of
>the message as delivered to the recipient. Some, but not all, email
>providers add a line like "X-Delivered-To:
>adds "X-Apparently-To:
>Mail Delivery Agent (MDA) to add that header line, though.
>
>Here is a transcript of the actual SMTP process to send an email:
>
>> 220-aosake.net ESMTP server ready.
>> 220-No unauthorized relaying, or spam is allowed.
>> 220 No legal obligation of acceptance by aosake.net exists.
>> HELO Nobody.com
>> 250 aosake.net Hello, Nobody.com.
>> MAIL FROM
>> RCPT TO:
>> 250 Recipient OK - send RCPT or DATA.
>
>That is the only critical part of the session. The next line will be "DATA"
>(unless additional recipients are to be designated; but "DATA" will always
>be the next SMTP command after the last recipient is designated), followed
>by the message, including any "From:", "To:", or "Cc:" email addresses, but
>not including any indication of a "BCC:" delivery. But there is no
>requirement that the "To:", or the "Cc:" must match the "RCPT TO:"; nor that
>the "RCPT TO:", or "BCC:" email addresses be included in the message
>headers.
I don't suppose all of that is delivered somewhere with the letter.
I've read line-by-line descriptions of e-mail where it wasn't really
suggested that all that other stuff is going on, and that the lines in the
header didn't necessarily have anything to do with where the message goes.
At least now I know. I'm not sure if that helps me, but now I know.
Thanks.
--
"Yes, I revere you much, honored ones, and wish to fart in response." --
Aristophanes, Clouds
In article
Fred Viles
> hoh@invalid.invalid (Goran Larsson) wrote in
> news:ICH92A.AAp@approve.se:
> > If a mail user agent inserts a BCC header then
> > the mail transport agent will, if instructed, read addresses
> > from it and then remove it.
> Where did you get that idea? No RFC compliant MTA will do either
> thing.
The documentation for the Exim MTA has this:
| -t When Exim is receiving a locally-generated, non-SMTP message on the
| current input, the -t option causes the recipients of the message to be
| obtained from the "To:", "Cc:", and "Bcc:" headers in the message
| instead of from the command arguments. The addresses are extracted
| before any rewriting takes place.
|
| If there are in fact any arguments, they specify addresses to which the
| message is not to be delivered. That is, the argument addresses are
| removed from the recipients list obtained from the headers. This is
| compatible with Smail 3 and in accordance with the documented behaviour
| of several versions of Sendmail, as described in man pages on a number
| of operating systems (e.g. Solaris 2.6, IRIX 6.5, HP-UX 11). However,
| some versions of Sendmail add argument addresses to those obtained from
| the headers, and a 1994 Sendmail book documents it that way. Exim can
| be made to behave in this way by setting the option "extract_addresses_
| remove_arguments" false.
|
| If a "Bcc:" header is present, it is removed from the message unless
| there is no "To:" or "Cc:" header, in which case a "Bcc:" header with
| no data is created, in accordance with RFC 822.
From this we can see that Exim, Smail and Sendmail handle the BCC header
line in this way. We also see that RFC 822 requires this behaviour.
What do you suggest a RFC compliant MTA should do when it finds a BCC
header in the mail received from the local MUA?
--
Göran Larsson http://www.mitt-eget.com/
In article
says...
> In article
> NormanM <2003SBC21.spam@aosake.net> wrote:
> >In article
> >says...
> >> Lately I've been getting a lot of spam that's addressed to someone other
> >> than me, or has no "To" line at all. I'm not CCed or BCCed, I can't find
> >> my e-mail address anywhere in the header.
> >> How? How can I receive that mail if there's nothing in there that says
> >> I'm the one that should receive it?
> >Email is delivered to the address in the SMTP "RCPT TO:" command. There is
> >no requirement that this "RCPT TO:" email address be shown in the headers of
> >the message as delivered to the recipient. Some, but not all, email
> >providers add a line like "X-Delivered-To:
> >adds "X-Apparently-To:
> >Mail Delivery Agent (MDA) to add that header line, though.
> >Here is a transcript of the actual SMTP process to send an email:
> >> 220-aosake.net ESMTP server ready.
> >> 220-No unauthorized relaying, or spam is allowed.
> >> 220 No legal obligation of acceptance by aosake.net exists.
> >> HELO Nobody.com
> >> 250 aosake.net Hello, Nobody.com.
> >> MAIL FROM
> >> RCPT TO:
> >> 250 Recipient OK - send RCPT or DATA.
> >That is the only critical part of the session. The next line will be "DATA"
> >(unless additional recipients are to be designated; but "DATA" will always
> >be the next SMTP command after the last recipient is designated), followed
> >by the message, including any "From:", "To:", or "Cc:" email addresses, but
> >not including any indication of a "BCC:" delivery. But there is no
> >requirement that the "To:", or the "Cc:" must match the "RCPT TO:"; nor that
> >the "RCPT TO:", or "BCC:" email addresses be included in the message
> >headers.
> I don't suppose all of that is delivered somewhere with the letter.
The parts up to the "DATA" statement are not always included. "MAIL FROM:"
is typically included as the "Return-Path:", but that is easily forged.
"HELO" is supposed to be in the "Received: from *** by ***" line written by
the MX receiving the email. "RCPT TO:", as I have explained, is optionally
included, but you have to check your email to see if it is included.
> I've read line-by-line descriptions of e-mail where it wasn't really
> suggested that all that other stuff is going on, and that the lines in the
> header didn't necessarily have anything to do with where the message goes.
The part I didn't show is how the "Received: from *** by ***" lines are
added. Those are only supposed to be added by any MTA actually handling the
email; but they are easily added by the mail client at the source. All such
lines added by MTAs prior to the current pair in an SMTP transaction are a
part of the message "DATA"; only the one written by the receiving MTA is
new.
> At least now I know. I'm not sure if that helps me, but now I know.
It only helps to understand how you get email to an email address which
isn't shown in the headers. And if you want to try and trace the message
submission source; which is not always the same as the message originating
source.
--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
hoh@invalid.invalid (Goran Larsson) wrote in
news:ICHMyn.EHG@approve.se:
> In article
> Fred Viles
>
>> hoh@invalid.invalid (Goran Larsson) wrote in
>> news:ICH92A.AAp@approve.se:
>
>> > If a mail user agent inserts a BCC header then
>> > the mail transport agent will, if instructed, read addresses
>> > from it and then remove it.
>
>> Where did you get that idea? No RFC compliant MTA will do
>> either thing.
>
> The documentation for the Exim MTA has this:
>
>| -t When Exim is receiving a locally-generated, non-SMTP message on the
>| current input, ...
non-SMTP. OK, I see the disconnect. In my mind, "MTA" == "SMTP server".
It's debatable whether a program running in command line submission
mode is operating as an MTA or an MUA/MSA. I'd call it an MSA, but...
>| If a "Bcc:" header is present, it is removed from the
>| message unless there is no "To:" or "Cc:" header, in which
>| case a "Bcc:" header with no data is created, in
>| accordance with RFC 822.
RFC 822 has nothing to say about SMTP.
> What do you suggest a RFC compliant MTA should do when it finds
> a BCC header in the mail received from the local MUA?
Depends what you mean by "MTA". An _SMTP server_ is required to
leave it alone, just like all the other headers. An RFC compliant
MUA will not include a BCC header in the copy of the message to be
delivered to the non-BCC recipients.
- Fred