ORF Forum  >  ORF Technical Support  >  X-Received-From-Address, Spoofed?

X-Received-From-Address, Spoofed?

 
Can anyone confirm if the "X-Received-From-Address" is rock solid beyond denial or if this can be spoofed by the sending spammer?
Reply
Steven Richards (4 months ago)
If you are referring to the X-Received-From-Address inserted by the SMTP Envelope Script from our website, it is rock solid (as long as you trust Exchange will pass the proper address to the script). This IP address is the last delivery hop, i.e. the IP address of the SMTP client that connected to the Exchange or SMTP server which runs the script. IP spoofing with TCP (the transmission network layer below SMTP) is extremely difficult to do, so I would say this information can be trusted with very high certainty.
Reply
Peter Karsai (ORF Team) (4 months ago)
in response to
Yes, I should have said its from the SMTP Envelope Script. I thought that was the case but wanted to make sure. We had been assuming that to be the case but thought we'd check to on the safe side. Thank you for your response, it is much appreciated.
Reply
Steven Richards (4 months ago)

1. Your name:

2. Your email address (will not be published):

3. Your comment:

4. Please enter the words below: (must be completed only once)

Post