FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » PHPMailer from and mesg-id bug
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
PHPMailer from and mesg-id bug [message #182117] Fri, 12 July 2013 15:41 Go to next message
Rob van der Putten is currently offline  Rob van der Putten
Messages: 6
Registered: July 2013
Karma: 0
Junior Member
Hi there


From the SMTP rejectlog (UTC + 2);
----------------------------------------------------------------------
2013-07-11 08:45:19 1UxAcw-0006Q0-1N
H=user-31-174-167-163.play-internet.pl [31.174.167.163]
F=<rottens46(at)canaca(dot)com> rejected after DATA:
Using my domain is identity theft.
Envelope-from: <rottens46(at)canaca(dot)com>
Envelope-to: <rob(at)sput(dot)nl>
P Received: from user-31-174-167-163.play-internet.pl ([31.174.167.163])
by kill-spammers.sput.nl with esmtp (Exim 4.80)
(envelope-from <rottens46(at)canaca(dot)com>)
id 1UxAcw-0006Q0-1N
for rob(at)sput(dot)nl; Thu, 11 Jul 2013 08:45:18 +0200
P Received: from apache by sput.nl with local (Exim 4.63)
(envelope-from <rob(at)sput(dot)nl>)
id QJ0U3C-MBGM3Z-19
for <rob(at)sput(dot)nl>; Thu, 11 Jul 2013 07:45:16 +0100
T To: <rob(at)sput(dot)nl>
Subject: Verdien de som in de hoogte boven of gelijk aan 2000 euro
per maand door mensen te helpen onder behandeling
tegen billijke prijs gesteld te worden.
Date: Thu, 11 Jul 2013 07:45:16 +0100
F From: <rob(at)sput(dot)nl>
I Message-ID: <CCF9944DEB6BF378BD8D8443328B944A(at)sput(dot)nl>
X-Priority: 3
X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="windows-1250"
----------------------------------------------------------------------
2013-07-12 09:58:52 1UxYFf-00006j-LV H=81.61.244.140.dyn.user.ono.com
[81.61.244.140]
F=<zanyingncn6(at)wonderware(dot)com> rejected after DATA:
Using my domain is identity theft.
Envelope-from: <zanyingncn6(at)wonderware(dot)com>
Envelope-to: <rob(at)sput(dot)nl>
P Received: from 81.61.244.140.dyn.user.ono.com ([81.61.244.140])
by kill-spammers.sput.nl with esmtp (Exim 4.80)
(envelope-from <zanyingncn6(at)wonderware(dot)com>)
id 1UxYFf-00006j-LV
for rob(at)sput(dot)nl; Fri, 12 Jul 2013 09:58:51 +0200
P Received: from apache by sput.nl with local (Exim 4.63)
(envelope-from <rob(at)sput(dot)nl>)
id AQLHOZ-LLHV7Z-MV
for <rob(at)sput(dot)nl>; Fri, 12 Jul 2013 08:58:50 +0100
T To: <rob(at)sput(dot)nl>
Subject: U kunt 200 euro per dag extra verdienen.
Date: Fri, 12 Jul 2013 08:58:50 +0100
F From: <rob(at)sput(dot)nl>
I Message-ID: <D8D21D3CA33FCD9FD1BA3A4FB173196A(at)sput(dot)nl>
X-Priority: 3
X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="iso-8859-1"
----------------------------------------------------------------------
2013-07-12 14:40:19 1Uxce2-0003y1-Rk H=lpzg-4db3a770.pool.mediaways.net
[77.179.167.112]
F=<reassessmentg1(at)retela(dot)co(dot)jp> rejected after DATA:
Using my domain is identity theft.
Envelope-from: <reassessmentg1(at)retela(dot)co(dot)jp>
Envelope-to: <rob(at)sput(dot)nl>
P Received: from lpzg-4db3a770.pool.mediaways.net ([77.179.167.112])
by kill-spammers.sput.nl with esmtp (Exim 4.80)
(envelope-from <reassessmentg1(at)retela(dot)co(dot)jp>)
id 1Uxce2-0003y1-Rk
for rob(at)sput(dot)nl; Fri, 12 Jul 2013 14:40:18 +0200
P Received: from apache by sput.nl with local (Exim 4.63)
(envelope-from <rob(at)sput(dot)nl>)
id 63D34I-6FBTHU-HF
for <rob(at)sput(dot)nl>; Fri, 12 Jul 2013 13:40:17 +0100
T To: <rob(at)sput(dot)nl>
Subject: U kunt meer verdienen! Wij bieden u een persoonlijke oplossing.
Date: Fri, 12 Jul 2013 13:40:17 +0100
F From: <rob(at)sput(dot)nl>
I Message-ID: <75296D45910DDE7DC2E1A53BF8E5BBC8(at)sput(dot)nl>
X-Priority: 3
X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
----------------------------------------------------------------------

In both the 'From; ' and the 'Message-ID: ' the recipient domain instead
of the sender domain are used. Could this be a PHPMailer bug?


Regards,
Rob
--
Don't do anymore PRISM time!
http://prism-break.org/
Re: PHPMailer from and mesg-id bug [message #182118 is a reply to message #182117] Fri, 12 July 2013 16:13 Go to previous messageGo to next message
Michael Vilain is currently offline  Michael Vilain
Messages: 88
Registered: September 2010
Karma: 0
Member
In article <51e02392$0$15912$e4fe514c(at)news(dot)xs4all(dot)nl>,
Rob van der Putten <rob(at)sput(dot)nl> wrote:

> Hi there
>
>
> From the SMTP rejectlog (UTC + 2);
> ----------------------------------------------------------------------
> 2013-07-11 08:45:19 1UxAcw-0006Q0-1N
> H=user-31-174-167-163.play-internet.pl [31.174.167.163]
> F=<rottens46(at)canaca(dot)com> rejected after DATA:
> Using my domain is identity theft.
> Envelope-from: <rottens46(at)canaca(dot)com>
> Envelope-to: <rob(at)sput(dot)nl>
> P Received: from user-31-174-167-163.play-internet.pl ([31.174.167.163])
> by kill-spammers.sput.nl with esmtp (Exim 4.80)
> (envelope-from <rottens46(at)canaca(dot)com>)
> id 1UxAcw-0006Q0-1N
> for rob(at)sput(dot)nl; Thu, 11 Jul 2013 08:45:18 +0200
> P Received: from apache by sput.nl with local (Exim 4.63)
> (envelope-from <rob(at)sput(dot)nl>)
> id QJ0U3C-MBGM3Z-19
> for <rob(at)sput(dot)nl>; Thu, 11 Jul 2013 07:45:16 +0100
> T To: <rob(at)sput(dot)nl>
> Subject: Verdien de som in de hoogte boven of gelijk aan 2000 euro
> per maand door mensen te helpen onder behandeling
> tegen billijke prijs gesteld te worden.
> Date: Thu, 11 Jul 2013 07:45:16 +0100
> F From: <rob(at)sput(dot)nl>
> I Message-ID: <CCF9944DEB6BF378BD8D8443328B944A(at)sput(dot)nl>
> X-Priority: 3
> X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset="windows-1250"
> ----------------------------------------------------------------------
> 2013-07-12 09:58:52 1UxYFf-00006j-LV H=81.61.244.140.dyn.user.ono.com
> [81.61.244.140]
> F=<zanyingncn6(at)wonderware(dot)com> rejected after DATA:
> Using my domain is identity theft.
> Envelope-from: <zanyingncn6(at)wonderware(dot)com>
> Envelope-to: <rob(at)sput(dot)nl>
> P Received: from 81.61.244.140.dyn.user.ono.com ([81.61.244.140])
> by kill-spammers.sput.nl with esmtp (Exim 4.80)
> (envelope-from <zanyingncn6(at)wonderware(dot)com>)
> id 1UxYFf-00006j-LV
> for rob(at)sput(dot)nl; Fri, 12 Jul 2013 09:58:51 +0200
> P Received: from apache by sput.nl with local (Exim 4.63)
> (envelope-from <rob(at)sput(dot)nl>)
> id AQLHOZ-LLHV7Z-MV
> for <rob(at)sput(dot)nl>; Fri, 12 Jul 2013 08:58:50 +0100
> T To: <rob(at)sput(dot)nl>
> Subject: U kunt 200 euro per dag extra verdienen.
> Date: Fri, 12 Jul 2013 08:58:50 +0100
> F From: <rob(at)sput(dot)nl>
> I Message-ID: <D8D21D3CA33FCD9FD1BA3A4FB173196A(at)sput(dot)nl>
> X-Priority: 3
> X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset="iso-8859-1"
> ----------------------------------------------------------------------
> 2013-07-12 14:40:19 1Uxce2-0003y1-Rk H=lpzg-4db3a770.pool.mediaways.net
> [77.179.167.112]
> F=<reassessmentg1(at)retela(dot)co(dot)jp> rejected after DATA:
> Using my domain is identity theft.
> Envelope-from: <reassessmentg1(at)retela(dot)co(dot)jp>
> Envelope-to: <rob(at)sput(dot)nl>
> P Received: from lpzg-4db3a770.pool.mediaways.net ([77.179.167.112])
> by kill-spammers.sput.nl with esmtp (Exim 4.80)
> (envelope-from <reassessmentg1(at)retela(dot)co(dot)jp>)
> id 1Uxce2-0003y1-Rk
> for rob(at)sput(dot)nl; Fri, 12 Jul 2013 14:40:18 +0200
> P Received: from apache by sput.nl with local (Exim 4.63)
> (envelope-from <rob(at)sput(dot)nl>)
> id 63D34I-6FBTHU-HF
> for <rob(at)sput(dot)nl>; Fri, 12 Jul 2013 13:40:17 +0100
> T To: <rob(at)sput(dot)nl>
> Subject: U kunt meer verdienen! Wij bieden u een persoonlijke oplossing.
> Date: Fri, 12 Jul 2013 13:40:17 +0100
> F From: <rob(at)sput(dot)nl>
> I Message-ID: <75296D45910DDE7DC2E1A53BF8E5BBC8(at)sput(dot)nl>
> X-Priority: 3
> X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset="us-ascii"
> ----------------------------------------------------------------------
>
> In both the 'From; ' and the 'Message-ID: ' the recipient domain instead
> of the sender domain are used. Could this be a PHPMailer bug?
>
>
> Regards,
> Rob

What happens if you construct the message 'by hand'. E.g. you create
the message with phpmailer but specify the "From" and "To" headers in
the body of the message?

What happens if you try this on another ISP? Sometimes, ISPs do weird
stuff to prevent SPAMMING.

--
DeeDee, don't press that button! DeeDee! NO! Dee...
[I filter all Goggle Groups posts, so any reply may be automatically ignored]
Re: PHPMailer from and mesg-id bug [message #182119 is a reply to message #182118] Fri, 12 July 2013 18:57 Go to previous messageGo to next message
Rob van der Putten is currently offline  Rob van der Putten
Messages: 6
Registered: July 2013
Karma: 0
Junior Member
Hi there


Michael Vilain wrote:

> What happens if you construct the message 'by hand'. E.g. you create
> the message with phpmailer but specify the "From" and "To" headers in
> the body of the message?

I don't run PHPMailer. I just wondered of this is a known bug.

> What happens if you try this on another ISP? Sometimes, ISPs do weird
> stuff to prevent SPAMMING.

I listed three. Do you think they all do exactly the same weird thing?


Regards,
Rob
--
Don't do anymore PRISM time!
http://prism-break.org/
Re: PHPMailer from and mesg-id bug [message #182120 is a reply to message #182119] Fri, 12 July 2013 20:28 Go to previous messageGo to next message
The Natural Philosoph is currently offline  The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
Senior Member
On 12/07/13 19:57, Rob van der Putten wrote:
> Hi there
>
>
> Michael Vilain wrote:
>
>> What happens if you construct the message 'by hand'. E.g. you create
>> the message with phpmailer but specify the "From" and "To" headers in
>> the body of the message?
>
> I don't run PHPMailer. I just wondered of this is a known bug.
>
>> What happens if you try this on another ISP? Sometimes, ISPs do weird
>> stuff to prevent SPAMMING.
>
> I listed three. Do you think they all do exactly the same weird thing?
>
>
quite possibly.

you are sending to a domain with an envelope from address that it
considers should not be originating on a remote machine.



> Regards,
> Rob


--
Ineptocracy

(in-ep-toc’-ra-cy) – a system of government where the least capable to lead are elected by the least capable of producing, and where the members of society least likely to sustain themselves or succeed, are rewarded with goods and services paid for by the confiscated wealth of a diminishing number of producers.
Re: PHPMailer from and mesg-id bug [message #182121 is a reply to message #182119] Fri, 12 July 2013 21:06 Go to previous messageGo to next message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
Senior Member
On 7/12/2013 2:57 PM, Rob van der Putten wrote:
> Hi there
>
>
> Michael Vilain wrote:
>
>> What happens if you construct the message 'by hand'. E.g. you create
>> the message with phpmailer but specify the "From" and "To" headers in
>> the body of the message?
>
> I don't run PHPMailer. I just wondered of this is a known bug.
>
>> What happens if you try this on another ISP? Sometimes, ISPs do weird
>> stuff to prevent SPAMMING.
>
> I listed three. Do you think they all do exactly the same weird thing?
>
>
> Regards,
> Rob

Without seeing the source code, it's impossible to determine just what's
going on. However, I would expect something wrong (i.e. missing
information) in the PHP source is causing the MTA's to think they have
to insert the information.

If this were a problem in PHPMailer, it would have been reported long
ago. Too many people are using it (unless you're using a very old
version, anyway - but even then I doubt it would be PHPMailer).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
Re: PHPMailer from and mesg-id bug [message #182122 is a reply to message #182119] Fri, 12 July 2013 22:21 Go to previous messageGo to next message
Christoph Michael Bec is currently offline  Christoph Michael Bec
Messages: 207
Registered: June 2013
Karma: 0
Senior Member
Rob van der Putten wrote:

> I don't run PHPMailer. I just wondered of this is a known bug.

The version mentioned as X-Mailer is PHPMailer 5.1. This is a rather
old version, so well, there may have been a bug (and maybe still is).

However, it does not seem reasonable to conclude that the mails where
sent with PHPMailer at all; inserting a faked X-Mailer header shouldn't
be a problem. One never knows what spammers are doing...

You may have a closer look at the "P Received" fields. I'm not
accustomed to the innards of SMTP, but the change of "envelope-from"
particularly regarding the timestamps looks rather strange to me.

--
Christoph M. Becker
Re: PHPMailer from and mesg-id bug [message #182123 is a reply to message #182119] Fri, 12 July 2013 23:35 Go to previous messageGo to next message
Thomas 'PointedEars'  is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
Senior Member
Rob van der Putten wrote:

> Michael Vilain wrote:
>> What happens if you construct the message 'by hand'. E.g. you create
>> the message with phpmailer but specify the "From" and "To" headers in
>> the body of the message?
>
> I don't run PHPMailer. I just wondered of this is a known bug.

Unlikely. As the message is UCE (which by contrast to spam *is* an
abbreviation), and its content is probably even fraud, it is more likely
that this is an intentional misuse of PHPMailer, or a misconfiguration of
the MTA used by it, in a clumsy attempt to prevent the spam message from
being recognized as coming from a suspicious host. The underlying
assumption would be that you do not filter out your own e-mails.

UTSL: <https://github.com/Synchro/PHPMailer/blob/master/class.phpmailer.php>


PointedEars
--
Anyone who slaps a 'this page is best viewed with Browser X' label on
a Web page appears to be yearning for the bad old days, before the Web,
when you had very little chance of reading a document written on another
computer, another word processor, or another network. -- Tim Berners-Lee
Re: PHPMailer from and mesg-id bug [message #182129 is a reply to message #182119] Sat, 13 July 2013 23:53 Go to previous messageGo to next message
bill is currently offline  bill
Messages: 310
Registered: October 2010
Karma: 0
Senior Member
On 2013-07-12 2:57 PM, Rob van der Putten wrote:
> Hi there
>
>
> Michael Vilain wrote:
>
>> What happens if you construct the message 'by hand'. E.g. you create
>> the message with phpmailer but specify the "From" and "To" headers in
>> the body of the message?
>
> I don't run PHPMailer. I just wondered of this is a known bug.
>
>> What happens if you try this on another ISP? Sometimes, ISPs do weird
>> stuff to prevent SPAMMING.
>
> I listed three. Do you think they all do exactly the same weird thing?
>
>
> Regards,
> Rob

I'm no guru but I'm pretty sure there's something else at work there
besides a bug in the mailer function.

Michael had a valid question which you've ignored. Since you're not
using it I fail to understand why you're asking this. What good is the
answer for something you're not using?
With all due respect, I'd suggest you do more technical research on
the issue.

Regards,

Twayne`
Re: PHPMailer from and mesg-id bug [message #182132 is a reply to message #182123] Sun, 14 July 2013 08:18 Go to previous messageGo to next message
Rob van der Putten is currently offline  Rob van der Putten
Messages: 6
Registered: July 2013
Karma: 0
Junior Member
Hi there



Thomas 'PointedEars' Lahn wrote:

> Unlikely. As the message is UCE (which by contrast to spam *is* an
> abbreviation), and its content is probably even fraud, it is more likely
> that this is an intentional misuse of PHPMailer, or a misconfiguration of
> the MTA used by it, in a clumsy attempt to prevent the spam message from
> being recognized as coming from a suspicious host. The underlying
> assumption would be that you do not filter out your own e-mails.

Which would be on the basis of source IP address, not content from or
mesg-id. So there is no point in faking these.

> UTSL:<https://github.com/Synchro/PHPMailer/blob/master/class.phpmailer.php>


Regards,
Rob
--
Don't do anymore PRISM time!
http://prism-break.org/
Re: PHPMailer from and mesg-id bug [message #182133 is a reply to message #182120] Sun, 14 July 2013 08:21 Go to previous messageGo to next message
Rob van der Putten is currently offline  Rob van der Putten
Messages: 6
Registered: July 2013
Karma: 0
Junior Member
Hi there


The Natural Philosopher wrote:

> quite possibly.
>
> you are sending to a domain with an envelope from address that it
> considers should not be originating on a remote machine.

I'm not sending anything. The log entries are about mail from a remote
system being rejected. So someone else is trying to send. Not me.


Regards,
Rob
--
Don't do anymore PRISM time!
http://prism-break.org/
Re: PHPMailer from and mesg-id bug [message #182134 is a reply to message #182122] Sun, 14 July 2013 08:36 Go to previous messageGo to next message
Rob van der Putten is currently offline  Rob van der Putten
Messages: 6
Registered: July 2013
Karma: 0
Junior Member
Hi there


Christoph Michael Becker wrote:

> The version mentioned as X-Mailer is PHPMailer 5.1. This is a rather
> old version, so well, there may have been a bug (and maybe still is).
>
> However, it does not seem reasonable to conclude that the mails where
> sent with PHPMailer at all; inserting a faked X-Mailer header shouldn't
> be a problem. One never knows what spammers are doing...
>
> You may have a closer look at the "P Received" fields. I'm not
> accustomed to the innards of SMTP, but the change of "envelope-from"
> particularly regarding the timestamps looks rather strange to me.

The timestamps suggest the mail being send from a system west of me.
However, both the domains and IP addresses are registered in Poland,
Spain and Germany, which are all the same timezone as me.


Regards,
Rob
--
Don't do anymore PRISM time!
http://prism-break.org/
Re: PHPMailer from and mesg-id bug [message #182135 is a reply to message #182132] Sun, 14 July 2013 08:50 Go to previous messageGo to next message
Thomas 'PointedEars'  is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
Senior Member
Rob van der Putten wrote:

> Thomas 'PointedEars' Lahn wrote:
>> Unlikely. As the message is UCE (which by contrast to spam *is* an
>> abbreviation), and its content is probably even fraud, it is more likely
>> that this is an intentional misuse of PHPMailer, or a misconfiguration of
>> the MTA used by it, in a clumsy attempt to prevent the spam message from
>> being recognized as coming from a suspicious host. The underlying
>> assumption would be that you do not filter out your own e-mails.
>
> Which would be on the basis of source IP address, not content from or
> mesg-id.

There could be a rule with your MTA not to reject messages with your From
header field value or FQDN as used by your MTA as those could be deemed
trustworthy.

> So there is no point in faking these.

Yes, there is.


PointedEars
--
var bugRiddenCrashPronePieceOfJunk = (
navigator.userAgent.indexOf('MSIE 5') != -1
&& navigator.userAgent.indexOf('Mac') != -1
) // Plone, register_function.js:16
Re: PHPMailer from and mesg-id bug [message #182136 is a reply to message #182135] Sun, 14 July 2013 09:46 Go to previous messageGo to next message
Rob van der Putten is currently offline  Rob van der Putten
Messages: 6
Registered: July 2013
Karma: 0
Junior Member
Hi there


Thomas 'PointedEars' Lahn wrote:

> There could be a rule with your MTA not to reject messages with your From
> header field value or FQDN as used by your MTA as those could be deemed
> trustworthy.

FQDN yes, header from no. The latter is easily faked. It's just
something you fill out in your email client config.

> Yes, there is.

How do you fake a FQDN. It's based on IP address (reverse lookup).


Regards,
Rob
--
Don't do anymore PRISM time!
http://prism-break.org/
Re: PHPMailer from and mesg-id bug [message #182137 is a reply to message #182117] Sun, 14 July 2013 09:47 Go to previous messageGo to next message
Alex vdB is currently offline  Alex vdB
Messages: 3
Registered: November 2012
Karma: 0
Junior Member
"Rob van der Putten" <rob(at)sput(dot)nl> schreef in bericht
news:51e02392$0$15912$e4fe514c(at)news(dot)xs4all(dot)nl...
> Hi there
>
>
> From the SMTP rejectlog (UTC + 2);
> ----------------------------------------------------------------------
> 2013-07-11 08:45:19 1UxAcw-0006Q0-1N
> H=user-31-174-167-163.play-internet.pl [31.174.167.163]
> F=<rottens46(at)canaca(dot)com> rejected after DATA:
> Using my domain is identity theft.
> Envelope-from: <rottens46(at)canaca(dot)com>
> Envelope-to: <rob(at)sput(dot)nl>
> P Received: from user-31-174-167-163.play-internet.pl ([31.174.167.163])
> by kill-spammers.sput.nl with esmtp (Exim 4.80)
> (envelope-from <rottens46(at)canaca(dot)com>)
> id 1UxAcw-0006Q0-1N
> for rob(at)sput(dot)nl; Thu, 11 Jul 2013 08:45:18 +0200

Rob, everything below this is lied together. You cannot trust it. Most
likely there is no "sput.nl", no "apache", no "exim", and no "PHPMailer 5.1"
involved.

It does not prove anything, don't bother for looking for bugs in phpmailer,
exim, apache or your setup. It is just another attempt to circumvent spam
filters.

> P Received: from apache by sput.nl with local (Exim 4.63)
> (envelope-from <rob(at)sput(dot)nl>)
> id QJ0U3C-MBGM3Z-19
> for <rob(at)sput(dot)nl>; Thu, 11 Jul 2013 07:45:16 +0100
> T To: <rob(at)sput(dot)nl>
> Subject: Verdien de som in de hoogte boven of gelijk aan 2000 euro per
> maand door mensen te helpen onder behandeling
> tegen billijke prijs gesteld te worden.
> Date: Thu, 11 Jul 2013 07:45:16 +0100
> F From: <rob(at)sput(dot)nl>
> I Message-ID: <CCF9944DEB6BF378BD8D8443328B944A(at)sput(dot)nl>
> X-Priority: 3
> X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset="windows-1250"
Re: PHPMailer from and mesg-id bug [message #182139 is a reply to message #182136] Sun, 14 July 2013 09:54 Go to previous message
Thomas 'PointedEars'  is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
Senior Member
Rob van der Putten wrote:

> Thomas 'PointedEars' Lahn wrote:
>> There could be a rule with your MTA not to reject messages with your From
>> header field value or FQDN as used by your MTA as those could be deemed
>> trustworthy.
>
> FQDN yes, header from no. The latter is easily faked. It's just
> something you fill out in your email client config.

I am aware of that.

>> Yes, there is.
>
> How do you fake a FQDN. It's based on IP address (reverse lookup).

The “Message-Id” header field value can, in practice, be anything, and can
be as easily faked as the “From” header field value. Sometimes it does not
even contain a FQDN, just some domain-part.

If you wish to further discuss the Internet Message Format, SMTP, and
UCE/UBE, I suggest you do that in the appropriate newsgroup. This newsgroup
is about PHP.


PointedEars
--
var bugRiddenCrashPronePieceOfJunk = (
navigator.userAgent.indexOf('MSIE 5') != -1
&& navigator.userAgent.indexOf('Mac') != -1
) // Plone, register_function.js:16
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: How can i get value of text area?
Next Topic: html contact email
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 21 17:47:52 GMT 2024

Total time taken to generate the page: 0.03299 seconds