On Wed, 12 Dec 2007 09:02:33 +0100, till klimpong@gmail.com wrote:
On Dec 12, 2007 1:13 AM, Martin Kealey roundcube-maint@ihug.co.nz wrote:
On of the problems we encounter as an ISP is the occassional customer account getting hijacked and used to send spam from the webmail
interface.
To assist in tracking down the perpetrators, we've created a patch that inserts a Received header that records information so we can track down
the
compromised account. (In particular, the timestamp, source IP address
and
login name.)
The header is formatted like this:
Received: from [ip-address] (host.domain; login=username) by hostname-of-server with HTTP/version ; datestampYou might wonder "why use the Received header"; well, the simple reason
is
so it can be processed the same way as any other spam report - and we
get a
lot of those.
Is this of interest to anyone else?
Isn't this what people use the "X-Sender"-header for? If I remember correctly that would be the defacto standard - but it would "only" contain an IP. ;-)
Regards, Till
Indeed, you are correct. But as I see it, the two most common practices are:
- Using the "view source" option already available in roundcube.
- Adding an X-report-spam header in your mail server header.
Of course given that roundcube already has the "view source" option. Instructing your clients to use it and copy the contents into an email to postmaster@ should resolve most issues. No?
Just my 2 cents worth.
List info: http://lists.roundcube.net/dev/
///////////////////////////////////////////////////// Service provided by hitOmeter.NET internet messaging! .
List info: http://lists.roundcube.net/dev/