[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)

On Mon 07 Oct 2019 at 15:09:09 (+0200), Thomas Schmitt wrote:
> i wrote:
> > > To my best knowledge, "X-Spam-Status: ... tests=...,LDOSUBSCRIBER,..."
> > > says that the "From:" address of the mail is subscribed.
> Brian wrote:
> > Are you sure it is the From: and not the envelope From? My From: is
> > not subscribed.
> Interesting observation.
> So the address by which you submit your mail to the remote server is
> subscribed and it is not the "From:" address which your mail client
> writes into the header part of the mail ?
> I wonder whether my mail provider would allow me to send via SMTP
>   MAIL FROM:<scdbackup@gmx.net>
>   RCPT TO:debian-user@lists.debian.org
> and then by DATA
>   From: "Somebody Else" <totally@fake.com>

It's fairly easy to find out by trying it out, only obviously in an
email to yourself, not the list. Perhaps not as easy as it was,
because unencrypted telnet has all but gone. And I've also found that
my ISP is more "impatient" and times out fairly quickly, so nowadays
I assemble the whole email in an emacs buffer and paste it into the
session all in one go. Here's an example, suitably mangled:

$ openssl s_client -starttls smtp -crlf -connect smtp.some.submission.host.tld:12345

That opens the session, and I only press Return when I've copied the
email itself into the paste buffer. Here's the email, and there's
a blank line after the header.

ehlo wren.corp
auth plain MyAuthenticationNameAndPasswordInBase64==
mail from:RealUsername@RealDomain.tld
rcpt to:<SomeUsername@WhereYouCanReadTheEmail.tld>
From: Whoever You Want To Be <their@emailaddress.tld>
to: <SomeUsername@WhereYouCanReadTheEmail.tld>
subject: hand written test 01

Hand written test 01
You could duplicate the headers here as a record

I do it all in a script session so that I get a recording, from which
I snip the authentication lines before archiving it.
BTW the string in the authentication line above is generated with:
$ echo -e -n '\0username\0password' | base64
Obviously I'm assuming that your ISP has facilities comparable to
mine, which are (I use two):

250-SIZE 20480000
250 DSN

250-SIZE 30000000
250 OK

However, I see lots of DKIM stuff in your emails, so it might not be
as simple as this for you. But in principle, it should work.

   There is no inherent relationship between either "reverse" (from
   MAIL, SAML, etc., commands) or "forward" (RCPT) addresses in the SMTP
   transaction ("envelope") and the addresses in the header section.
   (RFC 5321.)

> But how do Debian list servers know ?
> Is it because Exim 4.89 said "MAIL FROM:<...subscribed.address...>" to
> lists.debian.org ?
> Or is it because the first mail hop added "envelope-from" to its Received:
> header ?

I've always assumed the envelope from is generated from the 'mail
from' line, and that the envelope should reach the Debian list
processing system unchanged.

>   Received: from ... by ... with local (Exim 4.89)
>           (envelope-from <...>)
>           id 1iHRiB-0006S7-Ks
>           for debian-user@lists.debian.org; Mon, 07 Oct 2019 13:01:59 +0100
> (I wonder where "envelope-from" in "Received:" is specified. The word
>  does neither appear in RFC5322 nor in RFC5321.)

I've always assumed that what is in parentheses is all "noise" as far
as SMTP is concerned, like that Exim version number, the envelope-from
and, in your email for example, (Client did not present a certificate).

> ---------------------------------------------------------------------------
> > > Nevertheless, if i have no other indication then i normally add a "Cc:"
> > > to the thread starter if i do not see LDOSUBSCRIBER among the spam tests.
> > On the basis, one supposes, that the situation is unclear and you wish
> > the poster to know there is a reply to her post.
> It is futile to send Cc: to people who are known to reply to list messages.
> But thread starters where i am in doubt get a Cc: from me if i have
> something to tell them.


Reply to: