[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 29/03/13 16:51, Martijn Grooten wrote:
Does your server write this to the header or just accept what its given? That stuff can be written into the header by the sender and if not checked/corrected by the receiver then it just stands:On Fri, Mar 29, 2013 at 4:41 PM, tom wrote:Can you be sure - all that stuff is so easily spoofed unless its properly signed. I used to send messages from Bill Gates and the only way to 'prove' they didn't come from there was IF there was some way of proving the servers weren’t up/existing at the times I gave.>From the headers of that message: Received: from nm25-vm0.bullet.mail.ird.yahoo.com ([212.82.109.201]) by pi.a-squared.co.uk with smtp (Exim 4.72) (envelope-from <ifindthatinteresting@xxxxxxxxx>) id 1UKzf9-0007Hd-Ih for list@xxxxxxxxxxxxx; Wed, 27 Mar 2013 23:21:47 +0000 This means that the list server (pi.a-squared.co.uk) received the email from 212.82.109.201, which has a reverse DNS record nm25-vm0.bullet.mail.ird.yahoo.com. That in itself already shows that that is one of Yahoo's servers; you can do a whois lookup on the IP address to confirm that.
If I telnet in to port 25 and go:HELO microsoft.com most smtp servers just accept that as fact and then MAY use DNS to get the IP due to the fact that sending servers can be on a different IP for load balancing/spreading
Tom te tom te tom -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq