
Re: Yow, Madduck!



At 17:00 11.01.02, dman wrote:
On Fri, Jan 11, 2002 at 12:02:12AM -0500, Brenda J. Butler wrote:

...

| Received: from unknown (HELO machine.remailer.address) (206.99.235.25)
|   by samaria.achilles.net with SMTP; 11 Jan 2002 04:30:36 -0000

I'd say that your ISP has its 'doze machine misconfigured because it
claims it is "machine.remailer.address" but that name doesn't exist.
The IP of the machine is 206.99.235.25.  That system handed the
message to samaria.achilles.net.

The 'doze machine is the remailer which is broken. whois shows
IEEE COMPUTER SOCiety (NETBLK-CW-206-99-234) CW-206-99-234
     206.99.234.0 - 206.99.235.255
as netblock owner. samaria.achilles.net is the smtp server for Brenda's ISP.

| Received: (qmail 21575 invoked from network); 11 Jan 2002 04:30:36 -0000

qmail got the message next.  Pretty sparse data here.  I guess one
would need to be familiar with qmail's operation to know what "invoked
from network" means.  Still, it doesn't say what machine or anything.

AFAIK qmail is the smtp program of samaria.achilles.net. It puts the mail into
the user's (Brenda's) directory of the pop server program. Both are on the same
machine, so no IP addresses are mentioned.

| Received: from pop1.achilles.net
|       by localhost with POP3 (fetchmail-5.3.3)
|       for bjb@localhost (single-drop); Thu, 10 Jan 2002 23:31:48 -0500 (EST)

Fetchmail on Brenda's box fetches the mail with POP3 and writes its Received line.
Her .fetchmailrc contains no smtpaddress field and the user name is bjb, so it
claims to fetch for bjb@localhost.
pop1.achilles.net and samaria.achilles.net are the same machine of her ISP.

...

Nope, it is telling you that your ISP is (partially) messed up :-).

Nope, the remailer is partially messed up.

...

The purpose of the Received: headers is just to allow admins to track
down what happened to a message so that configs can be debugged.  Each
system can be configured to put whatever it wants as a Received:
header, or nothing at all.  It is recommended to include the info,
though, in case something goes wrong somewhere.

Advanced users also need Received: headers to track down spammers. Bad luck if
an open relay doesn't log IP addresses of senders.

Greetings

--
Volker Gerstenkorn

Not only marzipan comes from Lübeck...
