Re: Obvious manipulation of e-mail headers - what good are they?

From: N. Miller (anonymous_at_discussions.microsoft.com)
Date: 04/28/05


Date: Wed, 27 Apr 2005 21:49:15 -0700

In article <#Vz9c#5SFHA.228@TK2MSFTNGP12.phx.gbl>, George Hester says...

> Received: from %STATIC_3WORD...

<snipped rest of headers>

> Nothing in these (partial) headers has any relation to the real world.
> Everything is made up. But not by me by the sender. Now what good are
> headers anymore? I can answer that. It's easy. It gives the ISP of the
> spammer an excuse used to deny they are enabling the spammer - dah!

You left out the most important headers, the ones your mail service added
when it received the email. Those headers are the ones which will identify
the computer which delivered the email to your servers; they are the ones
which count, because they identify the abusive network. Beyond those which
you omitted, header forgery is trivial, and has been going on for at least
four, or five years; probably longer.

-- 
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint


Relevant Pages

  • RE: e-mail tracing
    ... not because they're a spammer. ... and spammers can send e-mails through open mail servers but we ... Now I am reading these headers but the bottom ... All of our class sizes ...
    (Security-Basics)
  • Re: Obvious manipulation of e-mail headers - what good are they?
    ... The only thing that I saw in the part of the headers that you posted was ... they were added by the spammer, ... open proxy, which proxy is acting as a mail agent; ... That customer may not even know there is a spam proxy running, ...
    (microsoft.public.security)
  • Re: Email Test
    ... > Do spammer harverst every address out there, or do they try to get the ... Lately I have been getting zillions of spams from me bounced ... The headers do not indicate that the e-mail ever passed ... at a time that it was connected to the Internet. ...
    (comp.os.linux.misc)
  • Re: Secure feedback form
    ... A note are written to the spammer, and the mail will not be sent. ... Otherwise a customer may think a message has been sent when it hasn't. ... // If crack discover additonal fields in the body, ... If you have the headers fixed with no user-supplied data in them, ...
    (alt.php)
  • Re: Spam filter does not work
    ... from the headers of the e-mail good luck. ... Spam them and you may find your ISP after your butt. ... There is only one way to beat the spammer and that is never use the e-mail address for any purpose that has ... > that a message gets through the exclusive filter. ...
    (microsoft.public.outlook.general)