|
ECS Home Automation and Security Archives |
learn more
| view messages for this
month | NetBloc® | terms of use | search
subject (prev) or (next) |
time (prev) or (next) |
author (prev) or (next) |
view more subjects
Subject:
From:
Date: | Re: [ecs] A more clever example of a spoof email (IMPORTANT)
Neil Cherry
Thu, 20 May 2004 20:26:08 -0400 |
One of the things I normally do with any suspicious email is to
"look at it's source" (CTRL-U on Mozilla, Thunderbird). Here is an
example of the top part of your message (the headers):
=============================================================================
From - Thu May 20 20:16:06 2004
X-UIDL: 20040521001728s1500g0aune000nam
X-Mozilla-Status: 0001
X-Mozilla-Status2: 10000000
Received: from pork.netbloc.com ([24.85.240.246])
by sccrmxc15.comcast.net (sccrmxc15) with SMTP
id <20040521001726s1500istc2e>; Fri, 21 May 2004 00:17:27 +0000
X-Originating-IP: [24.85.240.246]
Received: (qmail 11523 invoked by uid 515); 21 May 2004 00:17:01 -0000
Mailing-List: terms of use <http://netbloc.com/info/use/>
Precedence: bulk
X-No-Archive: yes
Reply-To: ecs@netbloc.com
List-Info: <http://netbloc.com/ecs/>
Delivered-To: mailing list ecs@netbloc.com
Received: (qmail 11498 invoked by uid 523); 21 May 2004 00:17:01 -0000
X-Spam-Status: No, hits=1.3 required=4.0
X-Spam-Level: +
Message-Id: <5.2.1.1.0.20040520171613.0360e1b0@mail.markgilmore.net>
X-Sender: mark1@markgilmore.net@mail.markgilmore.net
X-Mailer: QUALCOMM Windows Eudora Version 5.2.1
Date: Thu, 20 May 2004 17:16:39 -0700
To: ecsl@netbloc.com,ecs@netbloc.com
From: Mark Gilmore <mark@OmnipotenceSoftware.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; x-avg-checked=avg-ok-AC8169F;
boundary="=======68464FC9======="
X-Qmail-Scanner-Message-ID: <108509862067211478@pork.netbloc.com>
Subject: [ecs] A more clever example of a spoof email (IMPORTANT)
=============================================================================
Usually the received is the most important part but sometime I look further.
BTW, it is possible for the end portions of the received to contain junk. You
really need to figure out how to read them. Since I've been doing this since
the UUCP days (njc!diane.uucp!rutgers.edu) I've gotten used to reading the
headers. :-)
BTW, it's interesting how your X-Sender has 2 @'s in it. Your system sends
through 2 'systems' which maybe 2 software sub-systems on the same computer.
--
Linux Home Automation Neil Cherry ncherry@comcast.net
http://home.comcast.net/~ncherry/ (Text only)
http://linuxha.sourceforge.net/ (SourceForge)
http://hcs.sourceforge.net/ (HCS II)
subject (prev) or (next) |
time (prev) or (next) |
author (prev) or (next) |
view more subjects