How to determine true sender of message

on 26.11.2005 15:48:02 by cdoc

Hello
Is there a way to look at the message header and determine the true
sender of an email message?
Is it the "Message-ID:"?
Or is it the "X-UIDL:"?
Is there a source that explains all aspects of the message header?
Thanks

Re: How to determine true sender of message

on 26.11.2005 17:47:53 by AK

cdoc wrote:

> Hello
> Is there a way to look at the message header and determine the true
> sender of an email message?
> Is it the "Message-ID:"?
> Or is it the "X-UIDL:"?
> Is there a source that explains all aspects of the message header?
> Thanks

The only thing one can determine is the true source (provider) from
where a message was sent. Only through legal proceedings can one
determine the true sender. The above can be countermanded if there
is/was an open proxy or a compromised system.

Consult the Received headers which will indicate the path the message
took to get to the final destination.

Ak

Re: How to determine true sender of message

on 27.11.2005 02:30:25 by Steve Baker

On Sat, 26 Nov 2005 08:48:02 -0600, cdoc wrote:

>Hello
>Is there a way to look at the message header and determine the true
>sender of an email message?
>Is it the "Message-ID:"?
>Or is it the "X-UIDL:"?
>Is there a source that explains all aspects of the message header?

The *only* 100% reliable information in an email header is the stuff
created by your receiving server, which will usually show you the IP
address that delivered the email to it in the Received: line it creates.
In legit email you can (usually) follow the chain of Received: lines back
to the IP address of the sender, but that still doesn't tell you anything
about _who_ sent the email. Header lines like To:, From:, and
Message-Id:, etc., can be anything the sender feels like saying, so
they're useless for identifying a sender who doesn't want to be
identified. Check out http://www.pop-cram-spam.net/SMTP.htm for a quick
rundown on the basics of how SMTP works; note that the header and the
body are both sent along in the DATA, so a bogus header line (including
Received: lines) is just as easy to create as a line in the body that
says "Hi cdoc". Check out http://www.stopspam.org/email/headers.html for
an in-depth tutorial.

Steve Baker
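
The point made in the replies above, as an added example that is not part of the original thread: walk the Received: lines from the top and trust a hop only if a server you run wrote it. The sample message, all hostnames and IP addresses, and the `MY_SERVERS` inventory are constructed assumptions.

```python
import email
import re
from email import policy

# Constructed sample (documentation IPs and example domains, not real traffic).
# The lower Received: line was typed into DATA by the sender, like From: and Message-ID:.
RAW = """\
Received: from mail.example.net (mail.example.net [203.0.113.45])
\tby mx.recipient.example with ESMTP id abc123; Sat, 26 Nov 2005 08:48:05 -0600
Received: from trusted-bank.example ([192.0.2.10])
\tby relay.invalid with SMTP; Sat, 26 Nov 2005 08:47:00 -0600
From: "Support" <support@trusted-bank.example>
To: cdoc@recipient.example
Message-ID: <made-up@trusted-bank.example>

Hi cdoc
"""

# Hypothetical inventory of the MTAs the recipient operates: hostname -> IP.
MY_SERVERS = {"mx.recipient.example": "198.51.100.1"}

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # bracketed peer IP in "from"
BY_RE = re.compile(r"\bby\s+([^\s;]+)", re.I)         # host that wrote the line

def analyze_received(raw, my_servers):
    """Return one dict per Received: line, newest first, with a trust verdict."""
    msg = email.message_from_string(raw, policy=policy.default)
    hops, trusted, prev_peer = [], True, None
    for value in msg.get_all("Received", []):
        flat = " ".join(str(value).split())  # undo header folding
        by = BY_RE.search(flat)
        ip = IP_RE.search(flat)
        by_host = by.group(1).lower() if by else None
        peer_ip = ip.group(1) if ip else None
        # Below the top line, a hop claiming to be ours must also match the peer IP
        # that the trusted hop above recorded; otherwise it may be sender-supplied.
        linked = not hops or prev_peer == my_servers.get(by_host)
        trusted = trusted and by_host in my_servers and linked
        hops.append({"by": by_host, "peer_ip": peer_ip, "trusted": trusted})
        prev_peer = peer_ip
    return hops

def delivering_ip(raw, my_servers):
    """IP that handed the message to our servers (deepest trusted hop), or None."""
    good = [h for h in analyze_received(raw, my_servers) if h["trusted"]]
    return good[-1]["peer_ip"] if good else None

if __name__ == "__main__":
    print(analyze_received(RAW, MY_SERVERS), delivering_ip(RAW, MY_SERVERS))
```

The result is an IP address that connected to your server, which can be reported to its provider; it still says nothing about who was at the keyboard.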