At 16:57 18/06/2004, you wrote:
Given the
complete lack of originating IP or envelope information
when fetching from a remote POP3 mailbox,
...huh? The envelope-from is there in the Return-Path: header; the
originating IP is there in a Received: header (usually the first, but
if there's an internal handoff within the organization, it may be a
later one).
The envelope-to _has_ usually been lost, unfortunately.
I was perhaps being a bit simplistic in my moan ... The main ISP I use does
actually include an Envelope-to: header, and so I guess all the information
I complained about is there after all. I was thinking from the perspective
of running fetchmail locally to fetch mail and pass it to the MTA; of
course by then the originating IP has been lost as far as the MTA (postfix
in my case) is concerned, as connections come from localhost.
Actually. [having just looked into it while writing this] fetchmail does
parse the headers to find the originating IP, but it appears to only check
this against a blacklist file. I'd have to work out some way of patching
in the blackhole DNS checks that I currently use with postfix, or patch
them both to pass the IP over in some defined way. This is probably beyond
my skills ... Greylisting won't be of help in this case at all, as it only
works on the initial mail server that receives the spam directly.
It'll probably be easier to one day when I have a day to spare to trawl
through all my email and work out what is wanted that comes in on those
addresses, and sort those out, then ditch those accounts! [They are mostly
used by contact addresses on domain registrations, financial stuff, mailing
lists, etc. not impossible to change, but not quite as easy as sending out
an email to all my contacts saying I've moved.]
Rob