the tuple is based on "...connecting IP address, HELO/EHLO, envelope-from, and envelope-to, or tuple..."
So apparently the tuple isn't merely a triplet but includes the HELO/EHLO. But more importantly, it uses SMTP envelope From and To (MAIL FROM and RCPT TO) which is different than the cosmetic MIME From: and To: noted in the header.
Learn about Linux
Download Linux
Get Linux help
What is in the tuple?
Posted by: Anonymous Coward on April 12, 2007 01:25 PM> 1. the sender's IP address,
> 2. the From: field in the email header, and
> 3. the To: field in the email header.
According to
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8" title="openbsd.org">http://www.openbsd.org/cgi-bin/man.cgi?query=spam<nobr>d<wbr></nobr> &sektion=8</a openbsd.org>
the tuple is based on "...connecting IP address, HELO/EHLO, envelope-from, and envelope-to, or tuple..."
So apparently the tuple isn't merely a triplet but includes the HELO/EHLO. But more importantly, it uses SMTP envelope From and To (MAIL FROM and RCPT TO) which is different than the cosmetic MIME From: and To: noted in the header.
#