Need explanation of x-originating-email

  1. #1
    Junior Member
    Join Date
    Jul 2006
    Posts
    2

    Need explanation of x-originating-email

    I am having an argument with Sympatico with regards to email routing.
    My email clients (Evolution and Outlook) seem to insert the field x-originating-email and populate it with the email address that Sympatico created for me to authenticate with. The problem is that I don't use that email address. Thus, rejected emails (I addressed wrong) and some subscriptions send the messages to that address instead of the sender, reply-to, from or return-path addresses. Thus, I have missed some emails (until I discovered this) or I need to check another email account that I don't want.

    Is Sympatico doing this or is it something my email client is doing according to some RFC?

    Thanks for input, feedback, comments and humour.

    Leopold.

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    I'm trying to get a handle on your setup.... You've got an email client configured with a non-Sympatico account.... let's call it leopoldb@personal.com, you also have the account leopoldb@sympatico.ca because Sympatico is your ISP. We all know that Sympatico, like most major ISPs these days, has some port filtering in place (139, 445, 25). This would mean you are unable to use the personal.com SMTP server. Instead you are "forced" to send your non-Sympatico mail through the Sympatico SMTP server. The Sympatico SMTP server requires that you authenticate, so you pass it your leopoldb@sympatico.ca username (some stupid b######## most likely). Sympatico's SMTP server has "anti-spoofing measures" in place... One of these being the X-Originating-Email header... certain servers are responding to this instead of the From email.

    Sounds about right?

    So some information first...

    i) Any email header that begins with X- is user defined... they are not RFC specified... X-Originating-Email is a great one as many servers have implemented it... They use it to include the email address you authenticated against. This is to prevent against mail spoofing. Some mail servers will actually drop mail if X-Originating-Email exists and does not equal the From: address.
    ii) SMTP is a very simple plain-text protocol... Therefore 'basic' level spoofing is simple... I connect... I issue MAIL FROM:, RCPT TO: and DATA and I've created an email that appears to be from a certain address... X-Originating-Email is the only server that actually contains my real address.

    I'm not sure why you are arguing with Sympatico on this... they aren't doing anything wrong... You'd have to yell at every ISP and Mail Server on the planet because you can never be sure which ones are or are not doing this.

    The easiest solution is to not use Sympatico's SMTP server.. "But wait... you just said Sympatico blocks port 25".... yes... yes I did... however there are plenty of ways around this. Large service providers (such as 1and1, the company I deal with) provide an additional port for SMTP access.... in 1and1's case it's 587.... others will provide SMTPS (gmail does this)... the ports used for this are not filtered by Sympatico's SMTP filter... You could set up a proxy on a friend's server... so that port 80 on their server redirects to port 25 on the personal.com server (although I wouldn't recommend this)... Lastly you could use your Sympatico mail account... or use webmail.... both are viable alternatives.

    Peace,
    HT

    PS: Typing this I've realized I need a new keyboard.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
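
An added example, not part of the original thread: a header audit that compares the address a relay stamped into X-Originating-Email with the addresses the author actually put on the message, which is the mismatch described in post #2. The sample message is constructed, and the bracketed `[addr]` form of the header value is an assumption about how some relays write it.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: mail written as leopoldb@personal.com but relayed through
# an ISP server that stamps the authenticated account into X-Originating-Email.
SAMPLE = """\
Return-Path: <leopoldb@personal.com>
From: "Leopold B" <LeopoldB@Personal.com>
Reply-To: leopoldb@personal.com
To: list-owner@example.org
Subject: subscribe
X-Originating-Email: [leopoldb@sympatico.ca]

please subscribe me
"""

def _addrs(msg, name):
    """Return normalised addresses from every occurrence of header `name`."""
    # Assumption: the value may be wrapped in [brackets]; strip them first.
    values = [v.strip().strip("[]") for v in msg.get_all(name, [])]
    # Whole address is lower-cased: mailboxes are compared case-insensitively here.
    return {a.lower() for _, a in getaddresses(values) if "@" in a}

def audit(raw):
    """Compare the relay-stamped address with the addresses the author chose."""
    msg = message_from_string(raw)
    stamped = _addrs(msg, "X-Originating-Email")
    chosen = {h: _addrs(msg, h) for h in ("From", "Reply-To", "Return-Path")}
    author = set().union(*chosen.values())
    return {
        "stamped": sorted(stamped),
        "from": sorted(chosen["From"]),
        # Header absent: nothing to compare, so no mismatch is reported.
        "mismatch": bool(stamped) and not stamped <= chosen["From"],
        # Addresses that exist only in the X- header: a responder that replies
        # to them reaches a mailbox the author never put on the message.
        "stray": sorted(stamped - author),
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Running the same audit over a copy of a message as delivered shows whether the outbound relay adds the header at all, and which mailbox automated replies keyed on it would reach.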

  3. #3
    Junior Member
    Join Date
    Jul 2006
    Posts
    2
    Very nice - you know your stuff. Bingo, that's correct.

    First, nobody at Sympatico (or their support org in Whitby area) knows anything of this.
    As of last week, their answer was simply "use your sympatico account and forget your other account".

    Well, that would be a problem for thousands of people. I suspect that there are many people in my boots that have no idea that they have mail (rejected, from paid subscriptions, etc.) in an account that they knew about once because the Sympatico person told them to type it into outlook once. Here's the next part - if I'm working for Sears but do a lot of work at home, would I normally send corporate mail using the Sympatico SMTP server or my work one?

    Leopold

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by leopoldb
    Very nice - you know your stuff. Bingo, that's correct.

    First, nobody at Sympatico (or their support org in Whitby area) knows anything of this.
    As of last week, their answer was simply "use your sympatico account and forget your other account".

    Well, that would be a problem for thousands of people. I suspect that there are many people in my boots that have no idea that they have mail (rejected, from paid subscriptions, etc.) in an account that they knew about once because the Sympatico person told them to type it into outlook once. Here's the next part - if I'm working for Sears but do a lot of work at home, would I normally send corporate mail using the Sympatico SMTP server or my work one?

    Leopold

    I highly doubt there are as many people as you suspect in your boots... most of them have a workaround in place. ...

    As for working at Sears, that depends.

    i) Do you dial-in with a VPN...
    ii) Do you use a web-based email solution (OWA for example)
    iii) Do you use your day to day outlook to send the email.

    If you answered yes to i or ii then the answer is most likely you use the work one, however if you answered yes to iii then you use your Sympatico one... Which would definitely be "inappropriate" in my eyes.

    Peace,
    HT