Christmas spam from RESERVED IANA adressblock ?

Neil kngspook at
Thu Dec 25 10:01:31 UTC 2008

Maybe I'm showing my newb-ness here....

On Wed, Dec 24, 2008 at 10:33 PM, James Hess <mysidia at> wrote:
> RFC1918 addresses should also never be found in mail headers of any
> messages being exchanged over the internet..  For the very reason that it
> creates this confusion. Another case of many implementations not doing
> anything close to what they should.
> RFC1918  says on page 4:
> "   Indirect references to such addresses should be contained within the
>   enterprise. Prominent examples of such references are DNS Resource
>   Records and other information referring to internal private
>   addresses. In particular, Internet service providers should take
>   measures to prevent such leakage.
> "
> Private IPs in mail headers are just fine inside the enterprise, but messages
> with headers referencing private IPs should not be exchanged over the
> internet.
> RC1918  specifically says indirect references should not leave the enterprise.
> The only thing that would be worse or more confusing to other sites would be to
> not add a mail header at all,  or to use a real IP address shared by other hosts
> that use 1918 addresses on the LAN.
So what are you suggesting an admin should do (assuming, for example,
he doesn't have enough IPv4 addresses to go around)?  If he shouldn't
strip headers, and he shouldn't use the NAT'd addresses, then he's
running rather low on options.

And no matter what he does, it's going to involve modification of the
headers, which is generally considered A Bad Thing(TM).  Especially
since some, not many, but enough, sysadmins are going to do the
modification badly, and either accidentally mangle the rest of the
email or do something to make tracking down problems more difficult.

I think a big difference between the example you quoted about RFC 1918
and Received: headers is that DNS records will be used by various
programs automatically, whereas mail headers are generally not; as JF
Mezei pointed out, all you have to do is learn to read mail headers

> Not sharing mail server public IPs isn't part of the RFC1918 though,
> it's just the right way(TM).
I didn't understand what you meant here...  Not sharing my mail
server's public IP is going to make it a little difficult for me to
receive mail, I suspect...

More information about the NANOG mailing list