[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Forged messages (was: TC May advertises cypherpunks as keeping your taxes from going to 'people of colour')
Matthew J Ghio <[email protected]> writes:
>
> "[email protected]" <[email protected]> writes:
>
> Note that pizzabox.demon.co.uk [158.152.8.236] doesn't tell where it got
> the message from. Could it have been longs.lance.colostate.edu? I
> liked Detweiler better when he just used anon.penet.fi.
Perhaps you just don't understand how headers work.
Often times, the machine which originats a message puts a header
in that says it "recieved" it *despite* the fact that the message
was originated on that machine. This happens (I believe) because
the mail agent submits the message to sendmail for sending. This
causes sendmail to tag it as "recieved" despite its origin on that
machine.
> P.S. I sent myself a test email by telnetting to pizzabox.demon.co.uk
> 25, but it identified the IP address I telnetted from... hopefully the
> site administrators at demon.co.uk have recognized the problem and taken
> steps to prevent further detweiling. But be on your lookout, this will
> only hold him off until he can find another SMTP port to spoof from.
Or, more likely, there was never a problem at pizzabox.demon.co.uk
and the message is either not forged or the forger submitted it
through another mechanism.
Jon Boone | PSC Networking | [email protected] | (412) 268-6959
finger [email protected] for PGP public key block