RE: Disturbing email
by "Lisa Howell" <nstar92(at)bellatlantic.net>
|
| Date: |
Sat, 15 Sep 2001 17:37:00 -0300 |
| To: |
"BENJAMIN KIM WAKELY" <bkwakely(at)deakin.edu.au>,
<hwg-techniques(at)mail.hwg.org> |
| In-Reply-To: |
edu |
| |
todo: View
Thread,
Original
|
|
go to www.samspade.org to trace the IP addys in the headers!
Lisa
> -----Original Message-----
> From: owner-hwg-techniques(at)hwg.org
> [mailto:owner-hwg-techniques(at)hwg.org]On Behalf Of BENJAMIN KIM WAKELY
> Sent: Thursday, September 13, 2001 8:38 PM
> To: hwg-techniques(at)mail.hwg.org
> Subject: Re: Disturbing email
>
>
>
> ------------
> Juliana: You use MS Outlook, and I'm not entirely sure how you
> would get a look
> at the mail headers. I have included the headers from your email
> to the list as
> an example of some of the information that outlook by default
> hides from it's users.
>
> If I'm reading it rightly, You are using MS Outlook, and when you
> sent the message
> on Thursday 13 sep, about 1.30 pm, from IP adderss 63.29.146.71,
> you were dialled
> in or connected to UUNET or one of their many, many subsiduaries.
>
> There are tutorials and people who know how to decipher these
> headers out there. I only have a passing acquaintance with it.
>
> If you kept the email message, it should contain this header file
> information.
>
> There is no technical way to stop someone slapping a 'reply-to'
> or even a 'from'
> line claiming to be anyone, but the headers will show who it
> actually came from,
> and that could aid you in threats / legal action.
>
> -Benji Wakely
> corrections are welcome, if I have erred.
>
>
> -------below lies your 'hidden' header information from your
> message to hwg-----
> Received: from mail.hwg.org (mail.hwg.org [192.41.44.74])
> by deakin.edu.au (8.11.4/8.11.4) with ESMTP id f8DMJYE06848
> for <bkwakely(at)deakin.edu.au>; Fri, 14 Sep 2001 08:19:34 +1000 (EST)
> Received: (hwg2@localhost) by mail.hwg.org (8.8.5) id OAA18874;
> Thu, 13 Sep 2001 14:34:30 -0600 (MDT)
> Received: from albatross.prod.itd.earthlink.net
> (albatross.mail.pas.earthlink.net [207.217.120.120]) by
> mail.hwg.org (8.8.5) id OAA18869; Thu, 13 Sep 2001 14:34:28 -0600 (MDT)
> X-Authentication-Warning: mail.hwg.org: Host
> albatross.mail.pas.earthlink.net [207.217.120.120] claimed to be
> albatross.prod.itd.earthlink.net
> Received: from LAPTOP (1Cust71.tnt1.roswell.nm.da.uu.net [63.29.146.71])
> by albatross.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with
> ESMTP id NAA12193
> for <hwg-techniques(at)mail.hwg.org>; Thu, 13 Sep 2001
> 13:34:19 -0700 (PDT)
>
> Date: Thu, 13 Sep 2001 14:32:37 -0600
> Organization: Graphmaster Design
> Message-ID: <000c01c13c93$3b730fa0$d500a8c0(at)julianasnetwork.local>
> MIME-Version: 1.0
> Content-Type: text/plain;
> charset="us-ascii"
> Content-Transfer-Encoding: 7bit
> X-Priority: 3 (Normal)
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook, Build 10.0.2627
> Importance: Normal
> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
> In-Reply-To: <00cd01c13b30$754f8820$0100a8c0(at)mshome.net>
> Sender: owner-hwg-techniques(at)hwg.org
> Precedence: bulk
> X-UIDL: oRd"!3jR"!h\h!!nR8!!
>
>
> My apologies if this is not the correct group.
>
> Today I received an email where the reply to address was from my domain
> - although it was not from my domain! Is there any way I can find out
> exactly where it came from to stop this from happening again?
>
> Is there any legal recourse I can take to prevent this?
>
> Any suggestions would be greatly appreciated.
>
> Thanks in advance!
> Juliana
> ---------end of complete, header'd message---------
>
HWG hwg-techniques mailing list archives,
maintained by Webmasters @ IWA