On Sun, 16 May 2004, Paul M Foster wrote:
> On Sat, May 15, 2004 at 07:25:34PM -0400, Eben King wrote:
>
> > Here are the headers:
> >
> > Return-Path: <owner-slug-track29@slug-list-00.nks.net>
> > Received: from localhost (localhost.localdomain [127.0.0.1])
> > by pc.tampabay.rr.com (8.12.5/8.12.5) with ESMTP id i4FNN4Xh018236
> > for <eben@localhost>; Sat, 15 May 2004 19:23:04 -0400
> > Received: from pop-server.tampabay.rr.com [65.32.5.45]
> > by localhost with POP3 (fetchmail-5.9.0)
> > for eben@localhost (single-drop); Sat, 15 May 2004 19:23:04 -0400
> > (EDT)
> > Received: from ms-mta-02 (ms-mta-02-smtp [10.10.4.6])
> > by ms-mss-01.tampabay.rr.com
> > (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003))
> > with ESMTP id <0HXS00F3Z1QF4H@ms-mss-01.tampabay.rr.com>; Sat,
> > 15 May 2004 18:42:16 -0400 (EDT)
> > Received: from flmx01.mgw.rr.com (flmx01.mgw.rr.com [65.32.1.38])
> > by ms-mta-02.tampabay.rr.com
> > (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003))
> > with ESMTP id <0HXS005UO1QFAX@ms-mta-02.tampabay.rr.com>; Sat,
> > 15 May 2004 18:42:15 -0400 (EDT)
> > Received: from slug-list-00.nks.net (slug-list-00.nks.net [24.73.115.205])
> > by flmx01.mgw.rr.com (8.12.10/8.12.8) with ESMTP id i4FMg8fV016767;
> > Sat,
> > 15 May 2004 18:42:08 -0400 (EDT)
> > Received: from n2now967.com ([195.166.237.40])
> > by slug-list-00.nks.net (8.12.3/8.12.3/Debian-5.1) with SMTP id
> > i4FMTAmR020555
> > for <slug-track29@slug-list-00.nks.net>; Sat, 15 May 2004 18:29:13
> > -0400
> > Date: Sat, 15 May 2004 15:31:00 -0700
> > From: MRS MARY TAYLOR <marytaylor09@yahoo.com>
> > Subject: urgent
> > To: slug-track29@slug-list-00.nks.net
> > Reply-to: marytaylor09@yahoo.com
> > Message-id: <200405152229.i4FMTAmR020555@slug-list-00.nks.net>
> > MIME-version: 1.0
> > X-Mailer: Microsoft Outlook Express 5.00.2919.6900 DM
> > Content-type: text/plain; charset=us-ascii
> > X-Virus-Scanned: Symantec AntiVirus Scan Engine
> > Content-Transfer-Encoding: 8bit
> > X-MIME-Autoconverted: from quoted-printable to 8bit by pc.tampabay.rr.com
> > id i4FNN4Xh018236
>
> This is a case where what _looks_ real isn't. Most of the addresses here
> are spoofed. Although the "To:" header says one thing, the envelope
> header is something else, which is why it got to you, but not to the
> list in general.
I understand that; it's commonly done that what the "To:" header says and
who actually receives it are different. How far down are the "Received:"
headers accurate? flmx01.mgw.rr.com appears on legitimate mail, so it's
most likely valid.
--
-eben ebQenW1@EtaRmpTabYayU.rIr.OcoPm home.tampabay.rr.com/hactar
"God does not play dice" -- Einstein
"Not only does God play dice, he sometimes throws
them where they can't be seen." -- Stephen Hawking
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:28:19 EDT