betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

10 May 2008

Can't determine Purported Responsible Address

Hey, it's just a technicality

Got a support mail from a (very patient) user today. The "please reset my password" mail from one system I co-admin didn't reach them. Checked the mail log and found the mail was rejected from their ISP with a response "550 5.7.1 can't determine Purported Responsible Address". This baby refers to RFC 4407, which I had never heard of. I found some other references on the web, but they were red herrings (no, it's got nothing to do with SPF), the RFC led me to the solution...

So, what is this business with this "Purported Responsible Address", and why did it bother the particular ISP of that user?

The thing is, RFC 4407 is about trying to find out, where an automated mail is really coming from. "Automated mail" in this respect can mean a mail that was re-sent from one mailing list to another, or it can mean a mail coming from some web application. In our case it was the mail sent out by the "please reset my password" link in a PHP (outch!) forum system.

RFC 4407 tells software to go through the headers according to a list of precedence and pick the first valid and unique header that points to the address who is responsible for that mail. A last step in this "ladder of headers to check" is to check the "From:" header (the one in the message, not the "envelope from" header). In our case the culprit was the nice and dandy word unique.

"Unique", you say? Yeah, going through the PHP code of the board software (what horror! imagine I did this on a saturday morning, to feel my disgust) and comparing with a sample mail I dragged out of an old mailbox, I finally noticed that the PHP code was doing this (line breaks non-original):

$email_headers = 'From: ' . $board_config['board_email'] . \
"\nReturn-Path: " . $board_config['board_email'] . "\n";

... and it resulted in the "From:" header being in the message twice. Once I changed that "code" to only add the "Return-Path" to the additional headers, there was only one "From:" header in the messages being sent out and the mail sent out was happily accepted by that ISP's mail server.

And the morale of the story is? Well, I was happy that I could solve the problem on our side (since indeed the mistake was on our end). In this message from an employee of Forthnet (the ISP in question) to the sid-milter-discuss mailing list, the problem is with Yahoo group verification emails. Of course if someone like Yahoo sends out messed up headers, you want to make sure that you can tell your own system to ignore the mess.

Posted by betabug at 10:23 | Comments (0) | Trackbacks (0)
ch athens
Life in Athens (Greece) for a foreigner from the other side of the mountains. And with an interest in digital life and the feeling of change in a big city. Multilingual English - German - Greek.
Main blog page
Recent Entries
Best of
Some of the most sought after posts, judging from access logs and search engine queries.

Apple & Macintosh:
Security & Privacy:
Misc technical:
Athens for tourists and visitors:
Life in general:
<< Perl Jobs | Main | Test Run The End of Civilization (Part II) >>
There are no comments.
You can trackback to:
There are no trackbacks.