Discussion:
[Maia-users] How to get cache list to show actual FROM instead of SMTP-Sender
Brian
2017-07-11 19:40:06 UTC
Permalink
Hello,

I'm somewhat new to maia, and haven't found anything that looks like an
option to control this. When I'm looking at my cached ham items to find
the false-negatives, the "From" column shows a lot of things that look
like, for example, this:

dbl6994ku92kkudl6jjpbu4b2j2ahkl0f6s0c...

...and the alt/title text shows a complete e-mail address, all that
hash-like text plus [at][whatever], and seems to be the Return-Path
header (or what maia calls SMTP-Sender)

If I click the subject to see the message, the view that appears shows:

From: "MCM Electronics" <***@mcm-email.com>


...which is the actual From: header, and is easily-recognizable as a
source of mail I trust (while the subject alone may not help me choose
so easily), and I know it is not a false-negative.

How do I get the From: header to show in the list instead of the
SMTP-Sender header?

Thanks,
-Brian
David Morton
2017-07-11 21:09:02 UTC
Permalink
and is easily-recognizable as a source of mail I trust
It is also a most easily forged header. I don't remember now if there
was another consideration when we put it that way... It also may have
to do with the whitelist/blacklist feature, which also uses the SMTP-Sender.
--
David Morton
***@dgrmm.net
Brian
2017-07-11 21:31:26 UTC
Permalink
Respectfully, as SMTP has no built-in security features, ALL headers are
easily-forged; Return-Path is no more or less difficult to forge than
From. But surprisingly, I see very little in the way of false-negatives
with actually-forged From: headers. So for my specific scenario
(plucking the occasional false-negative out of a pile of ham), seeing
From: instead of Return-Path: is more useful. Is there a way to change
this behavior of maia's web interface?
Post by David Morton
and is easily-recognizable as a source of mail I trust
It is also a most easily forged header. I don't remember now if there
was another consideration when we put it that way... It also may have
to do with the whitelist/blacklist feature, which also uses the SMTP-Sender.
David Morton
2017-07-11 21:54:12 UTC
Permalink
I don't remember much about the code any more... but I'm pretty sure it
would require some php coding changes.
Post by Brian
Respectfully, as SMTP has no built-in security features, ALL headers are
easily-forged; Return-Path is no more or less difficult to forge than
From. But surprisingly, I see very little in the way of false-negatives
with actually-forged From: headers. So for my specific scenario
(plucking the occasional false-negative out of a pile of ham), seeing
From: instead of Return-Path: is more useful. Is there a way to change
this behavior of maia's web interface?
Post by David Morton
and is easily-recognizable as a source of mail I trust
It is also a most easily forged header. I don't remember now if there
was another consideration when we put it that way... It also may have
to do with the whitelist/blacklist feature, which also uses the SMTP-Sender.
_______________________________________________
Maia-users mailing list
http://www.renaissoft.com/cgi-bin/mailman/listinfo/maia-users
--
David Morton
***@dgrmm.net
Loading...