A Proposal for Storing Envelope-Sender Data in Received Headers
Traditionally, the envelope-sender data has been added to messages as they pass through MTAs, but in varying ways (the Return-Path header, X-Envelope-From, etc.), and generally in terms of one header in the message. see EnvelopeSenderInHeaders.
A very helpful addition to support MUAs and MUA-level filters, would be if this was added to the Received header for the MTA handover, e.g.
Received: from portent.example.com (portent.example.com [208.58.1.195]) by bar.example.org (envelope-from <owner-foo-discuss@example.com>) (Postfix) with ESMTP id 12CE931024F for <foo@example.org>; Wed, 28 Jan 2004 08:54:19 +0000 (GMT)
This would allow filters like SpamAssassin to pick up the envelope-from used at each step of the chain, which is very valuable especially when intermediate steps tend to rewrite it. (For example, fetchmail makes some incorrect assumptions, and will add an *incorrect* Return-Path header if an X-Envelope-From header exists, even from an earlier handover.)
If I recall correctly, some versions of exim seem to support this.
We already have support for this in SpamAssassin – we detect it using this regexp matched against Received lines:
/envelope-(?:sender|from)[ =](\S+)\b/
MTA authors/packagers, please consider adding this to your default configurations; inserting a string in the form
(envelope-sender <foo@example.com>)
somewhere after the "from ... by ..." text would do the trick nicely.
MTAs That Do This
If you know of an MTA package that will add the envelope-sender data to the Received header, or can write a configuration stanza to add to config files to do this in any given MTA, please add a note about it on this page using the "EditText" button below.
Comments
Actually, the Return-Path is standard now, and I don't see any need to add yet another way to specify the envelope recipient. Go read RFC-2821 section 4.4 where this header is defined as a MUST. – Arik Baratz
The issue is that MUAs and MUA-level filters like SpamAssassin cannot reliably determine the envelope sender (note; not recipient) at intermediate steps along the Received chain. Some forwarding use cases, like mailing lists, fetchmail, or SRS-compliant forwarders, will resend the message with a new envelope sender, which means that a filter cannot check back beyond that step. Given situations where spam arrives via lists or at a forwarding address, this means that the filter cannot use the env-sender to detect spam in that case, and in the fetchmail situation, the filter cannot trust that data at all, and therefore cannot use env-sender or SPF at all. – JustinMason