| |
Email Envelope and Headers
Return-Path: < jj@jj.com>
X-Original-To: mailtest@capone.linux.class
Delivered-To: mailtest@capone.linux.class
Received: from node18.linux.class (node18 [192.168.5.38])
by capone.linux.class (Postfix) with ESMTP id A291B2B15C
for < mailtest@capone.linux.class> Tue, 12 Apr 2005 22:24:53 -0400 (EDT)
Received: from here.com (unknown [192.168.5.250])
by node18.linux.class (Postfix) with SMTP id 4653B14112
for < mailtest@capone.linux.class> Tue, 12 Apr 2005 22:24:03 -0400 (EDT)
To: some_guru@somewhere.com
From: pp@pp.com
Subject: Forged e-mail
Message-Id: <20050413022403.4653B14112@node18.linux.class>
Date: Tue, 12 Apr 2005 22:24:03 -0400 (EDT)
Hey,
The "To:" and "From:" are non-existent, but you still get the e-mail.
bye, bye
.
|
The envelope:
Return-Path (forged in this case); who it was sent and delivered to (mailtest@capone.linux.class);
All the transaction stages -
originated on unknown host [192.168.5.250]
--> relayed through node18.linux.class, which is running Postfix SMTP server;
message id 4653B14112 can be used to track the e-mail in the log files on
node18.linux.class; the message was sent for mailtest@capone.linux.class; Date/Time Tue, 12 Apr 2005 22:24:03
--> receivd on capone.linux.class, which is running Postfix, for
mailtest@capone.linux.class on Tue, 12 Apr 2005 22:24:53; ESMTP id A291B2B15C
can be used to track the e-mail in the log files on capone.
The headers (what ususlly is displayed in e-mail
programs):
the "To" and "From" are forged here; Message-Id: <20050413022403.4653B14112@node18.linux.class> tells that the message was received on Tue, 12 Apr 2005 22:24:03,
from node18.linux.class
where the message ID is 4653B14112.
|
|