
Re: Off topic - email headers



Paul Williams wrote:

> I have become aware that my web site contact email address has been heavily
> spoofed. I know this because I am getting dozens of emails rejecting
> virus-laden emails I apparently sent. I want to find out who is doing this.
> I suppose I should start by studying the headers of the spoofed emails
> where possible but urgh.........
>
> Does anyone know where email headers are demystified and explained?

I've been getting plenty of these myself lately. The faux Failed Delivery /
Returned Email gambit is one that has gained a lot of favor amongst spammers
and virus / worm / Trojan disseminators. One of the developers of JunkSpy has
told me that it is not difficult to fake most anything in the headers,
including most of the route the mail travelled on its way to you. This is what
can make it hard for law enforcement agencies to track this stuff down, in
the tiny minority of cases where they may bother to do so. Still, it should
sometimes be possible for recipients to attempt this on their own, and file an
abuse report wherever that may be appropriate.

There are folks -- maybe even a couple here -- who know this stuff backwards
and forwards, but I'm certainly not one of them. At home, I have a very good
book on 'Net security issues, which includes analyzing this sort of thing, and
it is mostly written in terms the layman can comprehend. I'm away just now, so
I can't identify the author, publisher, ISBN etc. for you, but would be glad to
do so upon my return. The only caveat is that I think this book came out in
1999, and would benefit from an updated edition, *if* one has not come out
already.

Jordan