eMail with Conflicting Headers not blocked in MS365
Posted
by
John Meredith Langstaff
on Server Fault
See other posts from Server Fault
or by John Meredith Langstaff
Published on 2013-10-31T15:35:18Z
Indexed on
2013/10/31
15:58 UTC
Read the original article
Hit count: 419
On occasion, a company receives eMail with two header fields (“Received” and “From”) containing data that contradict each other drastically. Should they not expect their anti-spam system to flag or block items with contradictions in these fields?
For example, they received an eMail which contained [almost exactly] these two headers:
Received: from [107.52.51.26] by web315204.mail.ne1.yahoo.com via HTTP; Mon,28 Oct 2013 04:28:04 PDT
From: Barry Smith [email protected]>
Obviously, eMail from an @att.net address isn’t coming from a server on the domain yahoo.com, and Yahoo isn’t forwarding AT&T’s eMail. There were no other headers indicating that the item was sent “OnBehalfOf”, or “Forwarded-by”, or “By_Proxy” or any other such.
Should I write a utility to scan incoming eMail for such conflicts, or look more closely at their spam filtering to block this kind of eMail? Their eMail system is Hosted Exchange on MS-365. My central question is, where specifically do I look in MS-365 to get this type of conflicted eMail blocked?
© Server Fault or respective owner