Re: Obvious manipulation of e-mail headers - what good are they?

From: N. Miller (anonymous_at_discussions.microsoft.com)
Date: 04/28/05

• Next message: catchyogi: "Antivirus"
• Previous message: George Hester: "Obvious manipulation of e-mail headers - what good are they?"
• In reply to: George Hester: "Obvious manipulation of e-mail headers - what good are they?"
• Next in thread: Karl Levinson, mvp: "Re: Obvious manipulation of e-mail headers - what good are they?"
• Reply: Karl Levinson, mvp: "Re: Obvious manipulation of e-mail headers - what good are they?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 27 Apr 2005 21:49:15 -0700

In article <#Vz9c#5SFHA.228@TK2MSFTNGP12.phx.gbl>, George Hester says...

> Received: from %STATIC_3WORD...

<snipped rest of headers>

> Nothing in these (partial) headers has any relation to the real world.
> Everything is made up. But not by me by the sender. Now what good are
> headers anymore? I can answer that. It's easy. It gives the ISP of the
> spammer an excuse used to deny they are enabling the spammer - dah!

You left out the most important headers, the ones your mail service added
when it received the email. Those headers are the ones which will identify
the computer which delivered the email to your servers; they are the ones
which count, because they identify the abusive network. Beyond those which
you omitted, header forgery is trivial, and has been going on for at least
four, or five years; probably longer.

-- 
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

• Next message: catchyogi: "Antivirus"
• Previous message: George Hester: "Obvious manipulation of e-mail headers - what good are they?"
• In reply to: George Hester: "Obvious manipulation of e-mail headers - what good are they?"
• Next in thread: Karl Levinson, mvp: "Re: Obvious manipulation of e-mail headers - what good are they?"
• Reply: Karl Levinson, mvp: "Re: Obvious manipulation of e-mail headers - what good are they?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: e-mail tracing ... not because they're a spammer. ... and spammers can send e-mails through open mail servers but we ... Now I am reading these headers but the bottom ... All of our class sizes ... (Security-Basics) Re: Obvious manipulation of e-mail headers - what good are they? ... The only thing that I saw in the part of the headers that you posted was ... they were added by the spammer, ... open proxy, which proxy is acting as a mail agent; ... That customer may not even know there is a spam proxy running, ... (microsoft.public.security) Re: Email Test ... > Do spammer harverst every address out there, or do they try to get the ... Lately I have been getting zillions of spams from me bounced ... The headers do not indicate that the e-mail ever passed ... at a time that it was connected to the Internet. ... (comp.os.linux.misc) Re: Spam filter does not work ... from the headers of the e-mail good luck. ... Spam them and you may find your ISP after your butt. ... There is only one way to beat the spammer and that is never use the e-mail address for any purpose that has ... > that a message gets through the exclusive filter. ... (microsoft.public.outlook.general) RE: e-mail tracing ... It's better than I am at spotting faked headers. ... Maybe the line is fake. ... > I have been getting e-mails about confirming my credit card ... Is this the real spammer IP ... (Security-Basics)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint