Re: Confirming the veracity of Email

From: D McAuliffe (DaveMcA_at_mailinator.com)
Date: 02/28/04 

Date: Fri, 27 Feb 2004 19:00:25 -0500

"Peter James" <nospam@petefjames.clara.co.uk> wrote in message
news:1077866136.30914.0@damia.uk.clara.net...
> how you can tell if an email does come from who it says it does.
> What I'm asking is, how do you authenticate a questionable email?
> --
>
> Peter James
> Change AT to @ to reply

For personal mail, if you want to determine there's someone at the other end
or that they know they sent you the "filename.vbs" attachment, a simple
reply with a question should do. If they reply or not, you'll be able to
judge the first mail.

For commercial mail the sending IP should have some correlation (whois) to
the From address. For example, I got an ad from "Portland Sales sales @
portland.co.uk" about "we are also offering free webhosting". A
SamSpade.org check of the sending IP gives me:

netname: CSIUK
descr: UK Internet Provider

The IP of the sending machine is in the same group as what portland.co.uk
renders.
It's reasonable to assume an internet provider would be sending offers on
webhosting, therefore I would trust the mail, theoretically. In practice, I
trash all commercial mail other than those which I have requested. If I
questioned the mail legitimacy, I would also put in a google search what I
considered to be a key phrase from the subject and or body. That could get
information on scams. Personal information is never given out due to, or
derived from, an incoming mail request.

That said. There's no 100% guaranteed way. 

-- 
~~~~~~~~~~~~~~~~~
Dave McAuliffe
Central Mass. USA
To E-mail -
  Replace: mailinator.com
  With:      email.com
~~~~~~~~~~~~~~~~~