Re: Basically Lazy - Email Header Analysis

From: J.Reilink (digiover_at_dsinet.org)
Date: 05/30/03

  • Next message: Dirk Thesenvitz: "AW: W2K server "sniffer"" 
    Date: Fri, 30 May 2003 07:33:01 +0200
To: "Andy Cuff [talisker]" <talisker@networkintrusion.co.uk>

    Hi Andy,

    ----- Original message -----
    On Sat, 25 Oct 2003 11:43:23 +0100
    "Andy Cuff [talisker]" <offthecuff@lineone.net> wrote in message
    <001d01c39ae4$d5af6ad0$e800a8c0@BusterGonad>:

    > Hi
    > Whilst drowning my sorrows in the UK rain following our resounding
    > defeat in the Eurovision song contest (Politics in Europe surely not
    > !!) I have turned my attention to email headers.
    >

    Like the Netherlands did great.... Must say I have to visit Iceland
    sometime... ;-)

    > Whilst I'm quietly confident about manually analysing email headers,
    > I'm looking for tools or web resources that will automate some of the
    > process. There are plenty of anti-spam resources such as
    > http://combat.uxn.com/ and http://www.spamhaus.org/ to identify
    > spammers and there is the infamous Sam Spade for testing Open Mail
    > Relay Agents. There are a plethora of how-to's and FAQ's about
    > analysing headers manually. But I haven't found many resources that
    > analyse the headers in sufficient accurate detail.
    >

    You have mentioned Sam Spade for testing Open Mail Relay Agents, Sam
    Spade (the tool, not the site) also has an header analysis tool. It's
    somewhere in the menu, called "parse headers" or something like that
    (don't have a copy here atm).

    The header parsing tool isn't perfect, last time I checked, but it
    works.

    > Personally I would rather run a tool on my own system than put my
    > headers through a 3rd party website but there are a few sites that
    > seem to do it fairly well such as http://www.3dmail.com/spam/ which
    > whilst spam focussed seems fairly comprehensive, though sadly a beta
    > which hasn't been updated in a year.
    >

    Some mentioned SpamCop and I must say it works pretty good.
    You could also write your own tool in whatever language you'd like, many
    *nix commandline commands are at your disposal: host, vrfy, dig, etc.

    Regards, Jan 

    -- 
Dutch Security Information Network: http://www.dsinet.org
---------------------------------------------------------------------------
----------------------------------------------------------------------------
  • Next message: Dirk Thesenvitz: "AW: W2K server "sniffer""

    Relevant Pages

    • Basically Lazy - Email Header Analysis
      ... Whilst I'm quietly confident about manually analysing email headers, ... looking for tools or web resources that will automate some of the process. ... through a 3rd party website but there are a few sites that seem to do it ... Thinking About Security Training? ...
      (Security-Basics)
    • Re: HTTP question - file that never changes
      ... I'm working on a server app, which makes resources with the creation time ... To prevent caching, for example, HTTP headers or HTML headers should contain ... | Cache-Control: no-cache ... Apache specifics at: comp.infosystems.www.servers.unix ...
      (alt.html)
    • Re: PHP CLI & Forking children
      ... resources. ... a newsgroup in a single connection (which will cause PHP to crash ... Or you could get some headers and cache them to disk, ... But which newsgroup has 2M+ headers? ...
      (comp.lang.php)
    • Re: Why is Xnews such a resource hog?
      ... Xnews takes much too much time and resources - and I know it's not ... caught in a loop, ... My second box with 128 meg runs xnews perfectly - I use full storage - ... to you get the time to trawl through 300,000 headers? ...
      (news.software.readers)
    • Re: Basically Lazy - Email Header Analysis
      ... My email at work gets stunning quantities of spam. ... >Whilst I'm quietly confident about manually analysing email headers, ... >through a 3rd party website but there are a few sites that seem to do it ...
      (Security-Basics)