Jeremy writes, "Hey, Al! I was wondering if you could help me make a case for adding additional received headers to outbound messages. At the company I work for, one of our technologists convinced the head guy that we should try adding additional unique received headers to every message, rotating through unique IP addresses and host names. Do you have any insight on whether or not this would be a good or bad practice? Thanks in advance."
Jeremy, I'm not exactly sure what they're going for here. Received headers are simple tracking mechanisms in internet email; they're meant only to show the path the email actually took to reach the recipient. They are widely used by various spam filtering appliances and ISP filters. You could, in theory, add additional received headers to the bottom of the "received header" chain, making it look like some other server handed off the mail to you. But, you wouldn't be able to modify, hide, or remove the received header that identifies your MTA (mail server) handing the mail off to an ISP's mail server. The remote ISP creates that header upon receipt of the message from you, meaning that any received headers you add would show up below this header in the received header chain.
Adding additional received headers has no legitimate purpose. Webmails sometimes add a received header to indicate that a message was injected into their mail system over HTTP, but that's not what we're talking about here.
Adding headers like that could confuse some less-refined spam filters into blacklisting other people (besides you) but it wouldn't prevent them from telling that a message came from your IP address or network. It could also make spam filters think you're infected or that your servers are acting as part of a botnet. It would probably increase spam blocking against you. And, most importantly, that this would pretty easily be construed as falsifying header information to hide the true source of the email. That would be a pretty blatant violation of the US federal anti-spam law (CAN-SPAM). Bad news, all around!
1
Comments
Serious? People think that sort of obfuscation could be a good thing? Aye..
ReplyDeleteClue stick time.