me @ coworkers: stop trying to parse headers to get info that comes from the envelope
-
me @ coworkers: stop trying to parse headers to get info that comes from the envelope
coworker: i am parsing the Received header to find original source ip, is this ok?
-
Fi, infosec-aspected 🏳️⚧️replied to mx alex tax1a - 2020 (4) last edited by
why isn't there an organizational library to provide those functions replicably and safely that they can just make a call to?
-
@munin because they do not store the envelope data, thus it evaporates once it leaves our system. we have been trying to get them to do "not that" since day 1
-
mx alex tax1a - 2020 (4)replied to mx alex tax1a - 2020 (4) last edited by
@munin "there is, but they don't use it"
-
Fi, infosec-aspected 🏳️⚧️replied to mx alex tax1a - 2020 (4) last edited by
wtyp.
-
@munin yes, which is something we've been trying to correct, by wrapping the message itself with another layer of MIME, such that the sibling attachment contains the envelope data
-
-
mx alex tax1a - 2020 (4)replied to 🆘Bill Cole 🇺🇦 last edited by
@grumpybozo in our environment it's easy, the frontend passes the IP along out-of-band, but the target service fails to preserve the data
