[Dshield] Any legitimate reaason to strip SMTP X- headers?

Harry Hoffman hhoffman at ip-solutions.net
Tue May 24 14:54:23 GMT 2005

feeble attempt to hide client software types/versions?

Brenden Walker wrote:
> Hopefully this is an acceptable topic. I think it is.  
> I'm primarily a programmer, dealing a lot with TCP/IP and related
> protocols.  One of our systems uses email to replicate database data.
> The email's contain several X- headers so that we can positively
> identify them as 'ours'..as it were.  The other day QA was just
> restesting things, and found that none of the headers were getting
> through.
> After several hours of poking around, I found out that something
> in-house (possibly websense html proxy) is also proxying port 25 and
> stripping off ALL X- headers (including semi normal X-Mailer and the
> like).  
> I'm not even sure I see any legitimate reason to strip these header off.
> I'm just curious if there are real reasons to strip these?
> Thanks.
> -------------- Sponsor Message ------------------------------------
> Join us at SANSFIRE 2005 in Atlanta!
> The Internet Storm Center Conference.
> Details: http://www.sans.org/sansfire2005
> _______________________________________________
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

More information about the list mailing list