[Mailman-Users] HTTP_X_FORWARDED_FOR logging support

Jim Popovitch jimpop at gmail.com
Tue Jun 23 03:44:19 CEST 2015

On Mon, Jun 22, 2015 at 8:06 PM, Stephen J. Turnbull <stephen at xemacs.org> wrote:
> Are you proposing this for inclusion in a future Mailman distribution?

Yes, at least for the 2.x trunk.

> If so, RFC 7239 Forwarded-For should be supported as well.

Sure, that makes good sense to add.

> Also, since one of the purposes of this information appears to be
> detection of attacks of various kinds, I would think that instead of
> falling back to REMOTE_HOST or REMOTE_ADDR, you would want to collect
> all of them.  After all, this is cheap since you're getting it from
> the HTTP headers, no DNS lookups or whatever involved, they've already
> been done.

For the purpose of something like fail2ban all that is needed is the
IPaddr.   Having all the others would be a "nice to have", but would
really drive up the patch size.

> This especially applies to REMOTE_HOST vs. REMOTE_ADDR.

REMOTE_HOST is subject to swift changes, whereas REMOTE_ADDR is what
actually connected to the server.  One you can bank on, the other is
always suspect, imo.

-Jim P.

More information about the Mailman-Users mailing list