Sendmail configuration

[Bob Bell]

On Tue, Jun 17, 2003 at 12:50:31PM -0400, Derek Martin <gnhlug at sophic.org> wrote:
> On Tue, Jun 17, 2003 at 12:11:10PM -0400, Bob Bell wrote:
> > Sorry for the delayed reply.  Thanks to everyone for their replies.
> > I knew I could count on this list for some helpful advice, especially
> > from the sysadmins on the list.  It's quite a useful resource we have
> > here.
> 
> FWIW, I'm currently available, for hire or for rent...  =8^)

    I would if I could, Derek.

> The Received headers actually give you that info, as I mentioned
> above.  They're added by the MTA, and the addresses used in it are
> taken directly from the envelope.  The first one that appears at
> the top of your e-mail message should be the most recent, i.e. the one
> added by your final hop along the MTA railroad.  So long as your
> e-mail address isn't munged by multiple mail-routing hosts before it
> ges to you, that will be the envelope address.

    That's what I would have thought.  On closer look, though, the
headers appear to be different than on a standard message.  Here's
the top of a message from my inbox:

Return-Path: <gap at gap.m0.net>
Received: from domain.com [207.44.188.8]
        by localhost with POP3 (fetchmail-6.2.0)
        for imapuser at localhost (multi-drop); Thu, 12 Jun 2003 12:29:16 -0400 (EDT)
Received: from srv01.domain.com (root at localhost)
        by domain.com (8.11.6/8.11.6) with ESMTP id h5CHQDl28866
        for <USER at domain.com>; Thu, 12 Jun 2003 13:26:13 -0400
X-ClientAddr: 209.11.164.87
Received: from mh.gap.m0.net (mh.gap.m0.net [209.11.164.87])
        by srv01.domain.com (8.11.6/8.11.6) with ESMTP id h5CHQDX28861
        for <USER at domain.com>; Thu, 12 Jun 2003 13:26:13 -0400
Received: from [209.11.138.117]
        by 10.206.1.87 (mh.gap.m0.net) with SMTP; 12 Jun 2003 10:09:52 +0000

And here's the top of the spam I was forwarded that seems to have been
misdirected:

Return-Path: <moffitt2 at aol.com>
Received: from srv01.domain.com (root at localhost)
 by domain.com (8.11.6/8.11.6) with ESMTP id h5C5Lth21828;
 Thu, 12 Jun 2003 01:21:55 -0400
X-ClientAddr: 4.23.82.42
Received: from W26107 ([4.23.82.42])
 by srv01.domain.com (8.11.6/8.11.6) with SMTP id h5C5LsX21823;
 Thu, 12 Jun 2003 01:21:54 -0400
Received: from m3.kf0iepw.net (HELO ngint) [24.209.23.241] by W26107 id <7586086-57839> for <user at domain.com>; Thu, 12 Jun 2003 16:19:12 -0400

Note that the headers above may be munged having been set via Outlook in
the text portion of a message (in addition, the names have been changed
to protect the innocent).  However, what is most apparent to me is that
the "for <user at domain.com>" seems to have disappeared when it hit the
srv01.domain.com server.  The message did not arrive in
user at domain.com's mailbox, but a different mailbox (possibly the
catch-all, but I'm not sure).

-- 
Bob Bell
-------------------------------------------------------------------------
 "Linux represents a best-of-breed Unix, that is trusted in mission
  critical applications, and -- due to it's open source code -- has
  a long term credibility which exceeds many other competitive OS's."
   -- Microsoft "Halloween" Document