Re: a question on email headers

To: debian-user@lists.debian.org
Subject: Re: a question on email headers
From: Paul Johnson <baloo@ursine.dyndns.org>
Date: Tue, 15 Apr 2003 05:34:17 -0700
Message-id: <[🔎] 20030415123417.GB16692@ursine.dyndns.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 5.2.0.9.0.20030415190401.00a09e00@its2>
References: <[🔎] 200304150234.52014.ad19@freeelectron.net> <[🔎] 5.2.0.9.0.20030415190401.00a09e00@its2>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Apr 15, 2003 at 07:11:50PM +1000, Anders Holmstrom wrote:
> Of course you can (and spammers frequently do) forge a whole Received 
> header so you can only rely on the last one (which is the first one from 
> the top :-).

No, it's not quite *that* hard to figure out... you can try sending a
test message through a lot of those IPs.  If you get connection
refused or it times out, it's probably forged.  You can weed out a lot
of the forged headers that way.

- -- 
 .''`.     Baloo Ursidae <baloo@ursine.dyndns.org>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+m/xJJ5vLSqVpK2kRAqcBAKCW2VXhyOXk6GxT1bEb1HLblddy0QCfWFnw
UP9sDnNt60o7hqx/Qm7Ol48=
=DZ+e
-----END PGP SIGNATURE-----

Reply to:

References:
- a question on email headers
  - From: Al Davis <ad19@freeelectron.net>
- Re: a question on email headers
  - From: Anders Holmstrom <andersh@silcraft.com.au>

Prev by Date: Re: stl + g++-3.2
Next by Date: Re: 2.4.20 kernel and RTL8139
Previous by thread: Re: a question on email headers
Next by thread: Re: a question on email headers
Index(es):
- Date
- Thread