Re: How do they blank out IP addresses etc?

From: Bill Unruh (unruh@physics.ubc.ca)
Date: 01/30/02

  • Next message: Jeff: "Re: Freedom or Zone alarm" 

    From: unruh@physics.ubc.ca (Bill Unruh)
Date: 30 Jan 2002 17:30:43 GMT

    In <bmS58.54$5o.109766@newsr2.u-net.net> "Dave Korn" <no.spam@my.mailbox.invalid> writes:

    ]"those who know me have no need of my name" <not-a-real-address@usa.net>
    ]wrote in message news:u5buqvhr7e1a@news.supernews.com...
    ]> <dnfb5uc38h1k06c6ibermbtnlk9iaghnts@4ax.com> divulged:
    ]> >those who know me have no need of my name <not-a-real-address@usa.net>
    ]> >wrote:
    ]> >><va7b5ukf6pboqkgm91fksd1th4vc04nlqm@4ax.com> divulged:
    ]>
    ]> >>it's not that they aren't real, it's that they aren't _complete_. there
    ]> >>should be at least one received header in every message.
    ]> >
    ]> >OK, my wrong choice of words. Those were the complete headers I
    ]> >received - what the guy has done is munged up the X-Originating-IP so
    ]> >that no IP address appears. In all three cases, I took the headers from
    ]> >Outlook Express using Message Properties, Details, Message Source

    Anything staring with X is a voluntary header, whose content you should not trust. It is for
    information purposes only. Some ISPs insert info about the originating machine there, but
    there is not requirement.

    Note that may mailers do NOT display full headers. Many have a configuration switch which will
    have them do so, but they do not by default. Your machine is seriously deficient if your MTA
    does not insert a Received header. Ie, you own machine should insert one. As mentioned the
    only way it will not hav eone if the mail came from your own machine and was never handled by
    the MTA, but just by the local delivery agent.

    ]>
    ]> in that case the message came from your machine, since it contained no
    ]> received headers showing that it was passed from one mta to another.
    ]>
    ]> --
    ]> okay, have a sig then

    ] HOTMAIL!!!

    ] It arrived at his machine by HTTP, which doesn't usually insert received
    ]headers.

    http does not receive mail. Sendmail or its ilk receive mail. Sendmail or its ilk insert
    Received From lines everytime they receive mail.

    Relevant Pages

    • Re: what can be trusted in email header?
      ... The e-mail client can enter whatever headers it wants into an e-mail because those "headers" are NOT headers added by mail servers. ... You entering recipients in the To, Cc, and Bcc fields in your e-mail client are not what tells the mail server as to where your e-mail gets delivered. ... Every host knows the IP address of whatever host connects to it. ... The receiving mail host will add its Received header and show the IP address of the host that connected to it. ...
      (microsoft.public.outlook)
    • Re: Returning emails to sender
      ... Outlook has rules to look at only some of the headers (the ones the sender ... which header has that string. ... you could test on ir2.motleyfool.com being in the Received header, ...
      (microsoft.public.outlook.general)
    • Re: How do they blank out IP addresses etc?
      ... >>They were the real headers. ... >should be at least one received header in every message. ... Those were the complete headers I ... Outlook Express using Message Properties, Details, Message Source ...
      (comp.security.misc)
    • RE: e-mail tracing
      ... Now why do I recommend reading the RFC's? ... Now you will see in each MTA relay, a ip in brackets as well as ... The headers you provided are a classic example of open-relays and spoofing. ... resolves to 216.200.145.35, and the bigiplb-dsnat entry gives it away, {the ...
      (Security-Basics)
    • Re: Controlling email headers - at the email client or ???
      ... Why not just run your own MTA instead of relying on a MUA to do it? ... native sendmail for Windows. ... this group on my name and sendmail or ssmtp. ... The usage is just piping the desired headers and body to it. ...
      (comp.mail.misc)