Hey, I got my first whindoze email virus!

Edward Glowacki glowack2@msu.edu
Wed, 16 Aug 2000 16:36:11 -0400 (EDT)

Previous message: Hey, I got my first whindoze email virus!
Next message: question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 15 Aug 2000, Torgo Jr wrote:
> Received: 
>   by pop1.mx.voyager.net (mbox agarris@voyager.net) (with voyager.net's
>   vgrpop Tue Aug 15 18:36:18 2000)
> Received: 
>   from linux-1.osvnidau (root@[195.141.11.11]) by mx2.mx.voyager.net
>   (8.9.3/8.9.3) with ESMTP id RAA90603 for <agarris@voyager.net>; Tue, 15
>   Aug 2000 17:35:49 -0400 (EDT)
> Received: 
>   from aol.com (110103830@[161.58.1.88]) by linux-1.osvnidau (8.8.8/8.8.8)
>   with SMTP id BAA13223; Wed, 16 Aug 2000 01:18:19 +0200
> Date: 
>   Wed, 16 Aug 2000 01:18:19 +0200
> Message-ID: 
>   <200008152318.BAA13223@linux-1.osvnidau>
> From: 
>   "Christina F."<_christina_m_@excite.com>

You can really only trust the first (i.e. most recent) header of
any email address.  To really verify it, you'd have to see where
your mail server received it from, then ask them to see where their
mail server received it from, etc. and track it back that way.  At
some point you'll probably find an open mail relay or other such
forging hotspot.

-- 
Edward Glowacki			glowack2@msu.edu
Network Services		
Michigan State University

Previous message: Hey, I got my first whindoze email virus!
Next message: question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]