[olug] Reading the Received header in email

David Gilman davidgilman1 at gmail.com
Mon Dec 1 21:20:34 CST 2014

Noob mail admin here.  I'm so nooby that I've outsourced the whole
thing to Google to get it working instead of learning it myself.

My MX record points at their Google mail servers, and they've got SPF
configured so only their servers can send mail for my domain.  There
is a mail server running on the machine that the A record points to.
After a quick look through the configuration files it does seem to
only be listening on localhost but I don't know exim4 in and out
enough to be assured.

I've got Google's mail servers configured to redirect all mail sent to
any address to the admin inbox as a way of catching things that get
lost.  Every now and then I get a bounce message, and they've got an
initial Received: line like the following:

Received: from $GARBAGE (unknown [$MYSTERY_IP])
        by $MY_DOMAIN with SMTP id $SMTP_IP
        for <$SOMETHING@$NOT_MY_DOMAIN>; Mon, 20 Oct 2014 04:50:18 +0800

where $GARBAGE is what looks like someone mashing on the keys and
clearly not a FQDN.  I don't see my A record's IP anywhere.

I don't understand what the Received line is telling me.  The
$MYSTERY_IP isn't mine at all, so why does it say it came from
$MY_DOMAIN?  What's going on here?

David Gilman
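
Added example, not part of the original post: a small parser for a Received line in the layout quoted above. It separates the name the connecting client supplied (`from`), the connection details recorded by whoever wrote the line (the parenthesised part), and the host that claims to have written it (`by`). The sample header, the function names and the `my_mta_hosts` set are constructed for illustration, and the host set is assumed to be taken from headers of mail known to have been delivered normally.

```python
import re

# Constructed sample modelled on the header in the post. Names and
# addresses are placeholders (example.* domains, RFC 5737 address).
SAMPLE = (
    "Received: from qwkjhzxc (unknown [203.0.113.45])\n"
    "        by example.org with SMTP id 0a1b2c3d\n"
    "        for <someone@example.net>; Mon, 20 Oct 2014 04:50:18 +0800"
)

# Layout assumed: from HELO (RDNS [IP]) by HOST with PROTO id ID for <RCPT>; DATE
RECEIVED_RE = re.compile(
    r"^Received:\s*from\s+(?P<helo>\S+)"
    r"(?:\s+\((?P<rdns>[^\s\[\]]+)?\s*\[(?P<ip>[^\]]+)\]\))?"
    r"\s+by\s+(?P<by>\S+)"
    r"(?:\s+with\s+(?P<proto>\S+))?"
    r"(?:\s+id\s+(?P<id>\S+))?"
    r"(?:\s+for\s+<(?P<rcpt>[^>]*)>)?"
    r"\s*;\s*(?P<date>.+)$",
    re.IGNORECASE,
)

def parse_received(raw):
    """Unfold continuation lines, then split the header into named fields."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", raw.strip())
    match = RECEIVED_RE.match(unfolded)
    return match.groupdict() if match else None

def review(fields, my_mta_hosts):
    # my_mta_hosts (assumption): every hostname your real mail servers
    # write in the "by" clause, lower-cased.
    notes = []
    if "." not in fields["helo"] and not fields["helo"].startswith("["):
        notes.append("helo-not-fqdn")     # client-chosen text, never verified
    if fields["rdns"] in (None, "unknown"):
        notes.append("no-reverse-dns")    # writer recorded no hostname for the IP
    if fields["by"].lower() not in my_mta_hosts:
        notes.append("by-host-not-mine")  # no server of mine writes this name
    return notes

if __name__ == "__main__":
    parsed = parse_received(SAMPLE)
    print(parsed)
    print(review(parsed, {"mx.mailhost.example"}))
```

A line flagged `by-host-not-mine` was not added by any server in the supplied set, so none of its fields have been checked by your own infrastructure.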

