Smtp
SMTP 允許在 RFC 中使用多個 FROM 地址。這曾經有用嗎,為什麼會存在?
根據 RFC,SMTP 允許在正文(而不是信封)上使用多個 FROM 地址。
此功能是否曾用於合法目的?
丟棄具有多個 FROM 地址的消息是否安全?
RFC 822實際上給出了這種用法的一個例子。它要求(第 4.4 節) Sender: 標頭在使用時存在。
A.2.7. Agent for member of a committee George's secretary sends out a message which was authored jointly by all the members of a committee. Note that the name of the committee cannot be specified, since <group> names are not permitted in the From field. From: Jones@Host, Smith@Other-Host, Doe@Somewhere-Else Sender: Secy@SHost
已棄用它的RFC 2822繼續明確地允許這種特殊結構(第 3.6.2 節)。
from = "From:" mailbox-list CRLF mailbox-list = (mailbox *("," mailbox)) / obs-mbox-list
在目前標準RFC 5322中,這沒有改變,並且仍然明確允許多個地址(第 3.6.2 節)。
The from field consists of the field name "From" and a comma- separated list of one or more mailbox specifications. If the from field contains more than one mailbox specification in the mailbox- list, then the sender field, containing the field name "Sender" and a single mailbox specification, MUST appear in the message.
它曾經有用嗎?是的,它仍然是,對於古代例子中顯示的那種場景。具有多個作者的郵件應該將所有作者都列在 From: 標題中,並將 Sender: 設置為在他們的電子郵件程序中實際點擊 Send 的人。
The originator fields indicate the mailbox(es) of the source of the message. The "From:" field specifies the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message. The "Sender:" field specifies the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the mailbox of the secretary would appear in the "Sender:" field and the mailbox of the actual author would appear in the "From:" field. If the originator of the message can be indicated by a single mailbox and the author and transmitter are identical, the "Sender:" field SHOULD NOT be used. Otherwise, both fields SHOULD appear.
在公共 Internet 上的實踐中,執行此操作的消息並不常見,儘管它們確實發生在企業和學術環境中,其中一個人代表另一個人或一組人發送電子郵件更為常見。
我實際上從未見過這樣做的垃圾郵件(並且通過了我所有的其他控制項)。我通常認為丟棄或提高此類郵件的垃圾郵件分數是不安全的。