[nycbug-talk] Mail message headers
Sat Jan 31 23:21:48 EST 2004
->Anyone knows of a good link on how to read message headers?
->I have an idea, but would welcome understanding it better.
->In particular how to determine the point of origin.
->I don't think the email below came from me,but want to double check.
->Am I reading the email below correctly by saying it was sent
->from IP 18.104.22.168?
->---------- Forwarded message ----------
->Date: 1 Feb 2004 01:55:20 -0000
->From: System Anti-Virus Administrator <postmaster at hrnoc.net>
->To: francisco at natserv.com
->Subject: virus found in sent message "hello"
->Attention: francisco at natserv.com
->A virus was found in an Email message you sent.
->MAILFROM: francisco at natserv.com
->Received: from user-24-236-105-243.knology.net (HELO
-> by mx3.hrnoc.net with SMTP; 1 Feb 2004 01:55:19 -0000
->From: francisco at natserv.com
->To: john at scalabium.com
->Date: Sat, 31 Jan 2004 20:55:33 -0500
did some googling. . . http://support.shaw.ca/networks/internetabuse.htm
check out section E.
this virus has been spoofing addresses left and right. up to 85% of my
mail has been this virus.
it would be logical that if mail servers were performing dns lookups,
this whole mess would cease. my domain has been rbl'd a few times, but
frankly, it's completely idiotic if mail servers aren't authenticating
incoming mail in the most basic way. . .
but then again, i wouldn't be able to send out mail via my business
domain if verizon didn't allow me to use their smtp servers. . .
More information about the talk