X-Received-From-Address, Spoofed? - ORF Forums

X-Received-From-Address, Spoofed? RSS Back to forum

1

Can anyone confirm if the "X-Received-From-Address" is rock solid beyond denial or if this can be spoofed by the sending spammer?

Reply
by Steven Richards more than 10 years ago
2

@Steven Richards: If you are referring to the X-Received-From-Address inserted by the SMTP Envelope Script from our website, it is rock solid (as long as you trust Exchange will pass the proper address to the script). This IP address is the last delivery hop, i.e. the IP address of the SMTP client that connected to the Exchange or SMTP server which runs the script. IP spoofing with TCP (the transmission network layer below SMTP) is extremely difficult to do, so I would say this information can be trusted with very high certainty.

Reply
by Peter Karsai (ORF Team) more than 10 years ago
(in reply to this post)

3

Yes, I should have said its from the SMTP Envelope Script. I thought that was the case but wanted to make sure. We had been assuming that to be the case but thought we'd check to on the safe side. Thank you for your response, it is much appreciated.

Reply
by Steven Richards more than 10 years ago

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2