Loading ...
Sorry, an error occurred while loading the content.

remove duplicate "received from" header

Expand Messages
  • Gabor Illo
    Hello all! I have this error message from Hunagrian BSD mailing list: A message from to: bsd@hu.*******.org was considered unsolicited bulk
    Message 1 of 5 , May 29, 2010
    • 0 Attachment
      Hello all!

      I have this error message from Hunagrian BSD mailing list:
      A message from <igabor@******.hu>
      to: bsd@hu.*******.org
      
      was considered unsolicited bulk e-mail (UBE).
      
      Our internal reference code for your message is 73029-03/jIj1z9q1Kd6i
      
      The message carried your return address, so it was either a genuine mail
      from you, or a sender address was faked and your e-mail address abused
      by third party, in which case we apologize for undesired notification.
      
      We do try to minimize backscatter for more prominent cases of UBE and
      for infected mail, but for less obvious cases some balance between
      losing genuine mail and sending undesired backscatter is sought,
      and there can be some collateral damage on either side.
      
      First upstream SMTP client IP address: [195.228.156.104] ns1.stageline.hu
      According to a 'Received:' trace, the message apparently originated at:
        [87.97.80.150], [127.0.0.1] 87.97.80.150.pool.invitel.hu [87.97.80.150]
      
      Return-Path: <igabor@****.hu>
      From: Gabor Illo <igabor@****.hu>
      Message-ID: <4C013FF5.6040307@...>
      Subject: s
      
      Delivery of the email was stopped!
        
      dsn_status
      Reporting-MTA: dns; hu.freebsd.org Received-From-MTA: smtp; hu.freebsd.org ([127.0.0.1]) Arrival-Date: Sat, 29 May 2010 18:25:25 +0200 (CEST) Original-Recipient: rfc822;bsd@... Final-Recipient: rfc822;bsd@... Action: failed Status: 5.7.0 Diagnostic-Code: smtp; 554 5.7.0 Reject, id=73029-03 - SPAM Last-Attempt-Date: Sat, 29 May 2010 18:25:25 +0200 (CEST) Final-Log-ID: 73029-03/jIj1z9q1Kd6i
      header
      Return-Path: <****@...> Received: from mail.stageline.hu (ns1.stageline.hu [195.228.156.104]) by hu.freebsd.org (Postfix) with ESMTP id A7FD150826 for <bsd@...>; Sat, 29 May 2010 18:25:25 +0200 (CEST) Received: by mail.stageline.hu (Postfix, from userid 58) id D3C231C3BE66; Sat, 29 May 2010 16:25:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.0 (2010-01-18) on mail.stageline.hu X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=ALL_TRUSTED, MR_NOT_ATTRIBUTED_IP autolearn=no version=3.3.0 Received: from [127.0.0.1] (87.97.80.150.pool.invitel.hu [87.97.80.150]) by mail.stageline.hu (Postfix) with ESMTPSA id 90C371C3BE62 for <bsd@...>; Sat, 29 May 2010 16:25:26 +0000 (UTC) Message-ID: <4C013FF5.6040307@...> Date: Sat, 29 May 2010 18:25:25 +0200 From: Gabor Illo <****@...> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; hu; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4 MIME-Version: 1.0 To: bsd@... Subject: s Content-Type: text/plain; charset=ISO-8859-2; format=flowed Content-Transfer-Encoding: 8bit

      Somebody help me please? How can i remove this header from my emails?
      Received: from [127.0.0.1] (87.97.80.150.pool.invitel.hu [87.97.80.150])
      	by mail.stageline.hu (Postfix) with ESMTPSA id 90C371C3BE62
      	for <bsd@...>; Sat, 29 May 2010 16:25:26 +0000 (UTC)
        
      I think needed only one Received: from header:
      Received: from mail.stageline.hu (ns1.stageline.hu [195.228.156.104])
      	by hu.freebsd.org (Postfix) with ESMTP id A7FD150826
      	for <bsd@...>; Sat, 29 May 2010 18:25:25 +0200 (CEST)

      Many Thanks
      -- 
      Best Regards
      Gábor Illó
    • mouss
      ... you should ask why hu.freebsd.org blocked your mail? if you get confirmation that it is because of the header above, tell them that blocking mail based on
      Message 2 of 5 , May 30, 2010
      • 0 Attachment
        Gabor Illo a écrit :
        > Hello all!
        >
        > [snip]
        >

        you should ask why hu.freebsd.org blocked your mail? if you get
        confirmation that it is because of the header above, tell them that
        blocking mail based on "internal" Received headers is generally a bad
        idea. if they have a misconfigured barracuda (Barracuda are aware of
        this issue), they should fix it..

        anyway, see below...

        > Somebody help me please? How can i remove this header from my emails?
        >
        > Received: from [127.0.0.1] (87.97.80.150.pool.invitel.hu [87.97.80.150])
        > by mail.stageline.hu (Postfix) with ESMTPSA id 90C371C3BE62
        > for <bsd@...>; Sat, 29 May 2010 16:25:26 +0000 (UTC)
        >

        - Why is your client helo-ing with [127.0.0.1]? Thunderbird can be
        configured to use a custom HELO. See

        http://www.gsd-co.com/thunderbird/

        http://www.how-to-hide-ip.info/2008/12/13/how-to-hide-your-private-ip-in-mozilla-thunderbird/


        - to remove the header above, you can use header_checks, but you need to
        detect which headers to remove (you obviously don't want to remove
        headers added by remote systems). with (pcre syntax assumed):

        /^Received: \[127\.0\.0\.1\] \(\S+ \S+\)\s+by
        mail\.stageline\.hu \(Postfix\) with ESMTPA /
        IGNORE
        you still run the risk of removing a forged header...

        ideally, you should enable the submission service and configure your
        mail clients to use the corresponding port (587). then you can have
        header_checks that apply only to this service.

        >
        > I think needed only one Received: from header:
        >
        > Received: from mail.stageline.hu (ns1.stageline.hu [195.228.156.104])
        > by hu.freebsd.org (Postfix) with ESMTP id A7FD150826
        > for <bsd@...>; Sat, 29 May 2010 18:25:25 +0200 (CEST)
        >

        This one was added by hu.freebsd.org. you can't remove it even if you
        wanted!
      • Gabor Illo
        ... Thanks for your reply! Original Thunderbird added header: Received: from 127.0.0.1 (87.97.86.176.pool.invitel.hu [87.97.86.176]) by mail.stageline.hu
        Message 3 of 5 , May 31, 2010
        • 0 Attachment
          > - to remove the header above, you can use header_checks, but you need to
          > detect which headers to remove (you obviously don't want to remove
          > headers added by remote systems). with (pcre syntax assumed):
          >
          > /^Received: \[127\.0\.0\.1\] \(\S+ \S+\)\s+by
          > mail\.stageline\.hu \(Postfix\) with ESMTPA /
          > IGNORE
          > you still run the risk of removing a forged header...
          >
          > ideally, you should enable the submission service and configure your
          > mail clients to use the corresponding port (587). then you can have
          > header_checks that apply only to this service.

          Thanks for your reply!

          Original Thunderbird added header:

          Received: from 127.0.0.1 (87.97.86.176.pool.invitel.hu [87.97.86.176])
          by mail.stageline.hu (Postfix) with ESMTPSA id 358E61C3BC49
          for<nospam@...>; Mon, 31 May 2010 15:37:26 +0000 (UTC)

          /usr/local/etc/postfix/main.cf

          header_checks = pcre:$config_directory/header_checks

          /usr/local/etc/postfix/header_checks

          /^Received: \[127\.0\.0\.1\] \(\S+ \S+\)\s+by
          mail\.stageline\.hu \(Postfix\) with ESMTPA /
          IGNORE

          postfix restart

          Header check filter not work. I still receive thunderbird header. Can somebody fix the perl regexp code?

          Thanks!
        • Noel Jones
          ... The only obvious error I see is your expression looks for ESTMPA but the sample header contains ESTMPSA. Note: the expression should be all on one line in
          Message 4 of 5 , May 31, 2010
          • 0 Attachment
            On 5/31/2010 11:02 AM, Gabor Illo wrote:
            >> - to remove the header above, you can use header_checks, but you need to
            >> detect which headers to remove (you obviously don't want to remove
            >> headers added by remote systems). with (pcre syntax assumed):
            >>
            >> /^Received: \[127\.0\.0\.1\] \(\S+ \S+\)\s+by
            >> mail\.stageline\.hu \(Postfix\) with ESMTPA /
            >> IGNORE
            >> you still run the risk of removing a forged header...
            >>
            >> ideally, you should enable the submission service and configure your
            >> mail clients to use the corresponding port (587). then you can have
            >> header_checks that apply only to this service.
            >
            > Thanks for your reply!
            >
            > Original Thunderbird added header:
            >
            > Received: from 127.0.0.1 (87.97.86.176.pool.invitel.hu [87.97.86.176])
            > by mail.stageline.hu (Postfix) with ESMTPSA id 358E61C3BC49
            > for<nospam@...>; Mon, 31 May 2010 15:37:26 +0000 (UTC)
            >
            > /usr/local/etc/postfix/main.cf
            >
            > header_checks = pcre:$config_directory/header_checks
            >
            > /usr/local/etc/postfix/header_checks
            >
            > /^Received: \[127\.0\.0\.1\] \(\S+ \S+\)\s+by
            > mail\.stageline\.hu \(Postfix\) with ESMTPA /
            > IGNORE
            >
            > postfix restart
            >
            > Header check filter not work. I still receive thunderbird header. Can
            > somebody fix the perl regexp code?

            The only obvious error I see is your expression looks for
            ESTMPA but the sample header contains ESTMPSA. Note: the
            expression should be all on one line in your header_checks file.

            You can test your header_checks expression from the command
            line with the postmap command:
            postmap -h -q - pcre:/path/to/header_checks < test_message

            If it matches, IGNORE will be printed. No match, no output.

            -- Noel Jones
          • mouss
            ... In your previous message to the list, we see Received: from [127.0.0.1] (87.97.80.150.pool.invitel.hu [87.97.80.150]) by mail.stageline.hu (Postfix) with
            Message 5 of 5 , May 31, 2010
            • 0 Attachment
              Gabor Illo a écrit :
              >> - to remove the header above, you can use header_checks, but you need to
              >> detect which headers to remove (you obviously don't want to remove
              >> headers added by remote systems). with (pcre syntax assumed):
              >>
              >> /^Received: \[127\.0\.0\.1\] \(\S+ \S+\)\s+by
              >> mail\.stageline\.hu \(Postfix\) with ESMTPA /
              >> IGNORE
              >> you still run the risk of removing a forged header...
              >>
              >> ideally, you should enable the submission service and configure your
              >> mail clients to use the corresponding port (587). then you can have
              >> header_checks that apply only to this service.
              >
              > Thanks for your reply!
              >
              > Original Thunderbird added header:
              >
              > Received: from 127.0.0.1 (87.97.86.176.pool.invitel.hu [87.97.86.176])
              > by mail.stageline.hu (Postfix) with ESMTPSA id 358E61C3BC49
              > for<nospam@...>; Mon, 31 May 2010 15:37:26 +0000 (UTC)
              >

              In your previous message to the list, we see

              Received: from [127.0.0.1] (87.97.80.150.pool.invitel.hu [87.97.80.150])
              by mail.stageline.hu (Postfix) with ESMTPSA id DD0851C3BE62
              for <postfix-users@...>; Sat, 29 May 2010 16:43:04 +0000 (UTC)

              now, in your last message, we see

              Received: from 127.0.0.1 (87.97.86.176.pool.invitel.hu [87.97.86.176])
              by mail.stageline.hu (Postfix) with ESMTPSA id 08B751C3BC10
              for <postfix-users@...>; Mon, 31 May 2010 16:02:51 +0000 (UTC)

              so your helo changed from "[127.0.0.1]" to "127.0.0.1"

              what did you do?



              > [snip]
            Your message has been successfully submitted and would be delivered to recipients shortly.