What is "Forwarded-For" in an SMTP header?

[Albion]

I have an SMTP header and the second Recieved: line starts with this.

Recieved: From [0.0.0.0] (Forwarded-For: [1.1.1.1]) by foo.bar.com (mshttpd); <date>

As much as I have searched all over the net for e-mail header howtos I cannot seem to find out what this means. Does anyone know what "Forwarded-For" means??

Thanks a bunch in advance.

-Craig

 

[substitute]

It means the mail was sent by [1.1.1.1] to foo.bar.com relaying via [0.0.0.0]. Some proxy servers do this, i.e. proxy server [0.0.0.0] adds the header so you know it wasn't the original source.

I've seen this sometims but don't think it is a standard thing, just an extension some servers use. I've just looked at headers on email I know were forwarded and there's no forward-for entry.

 

[Albion]

After doing a search on the usenet I found a ton of [SPAM] examples on one of the net.abuse groups that had this "Forwarded-For" tag in the header. MAybe it's something spammers use to hide their identity.

 

[substitute]

That's right. A lot of spam is sent through so-called "open relays"; mis-configured mail servers that will forward mail from anyone, to anyone, rather than just authorised servers. There's a website somewhere that keeps a list of open relays so you can blacklist mail from them.

Ian.