Our sever receives a fair bit of spam, most of this is standard spam but looking at the headers of some spam we get directly it seems to show that the mail is received by the LMTP (Local Mail Transport Protocol) rather than SMTP so I am curious if the below indicates that mail is coming from another account on the same server?
- My email address is [email protected]
- Our server is our-server.com
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from our-server.com by our-server.com with LMTP id uAvaLwN5i2K7KwAAAZdYnQ (envelope-from <[email protected]>) for <martin=here.com>; Mon, 23 May 2022 13:07:31 +0100
Return-path: <[email protected]>
Envelope-to: martin=here.com Delivery-date: Mon, 23 May 2022 13:07:31 +0100 Received: from [203.28.246.238] (port=42475 helo=mail.mashfacts.com) by our-server.com with esmtps (TLS1.2) tls TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <[email protected]>) id 1nt6q4-000302-3a for [email protected]; Mon, 23 May 2022
13:07:31 +0100
DKIM-Signature:
I know and can see the line:
Received: from [203.28.246.238] (port=42475 helo=mail.mashfacts.com) by our-server.com with esmtps
Which implies it is a remote delivery but I wanted to double check that the LMTP was expected and that this particular email is not being received by one account on the server to pass on to another account on the server.
The line:
Received: from our-server.com by our-server.com with LMTP
Seems to imply this?
<br>
. cheers