sobig and MS headers
Julian Field
mailscanner at ecs.soton.ac.uk
Tue Aug 19 17:40:47 IST 2003
At 17:37 19/08/2003, you wrote:
>On Tuesday 19 August 2003 4:28 pm, Julian Field wrote:
>
> > Can a few people please do a bit of investigation for me into header
> > tracking and see if this definitely is a case of headers being faked?
> > I would be very interested if I am famous/notorious enough that the virus
> > writers are trying to get at me.
>
>Yes, I can confirm this too.
>
>Here are the original headers of an email as it arrived on my server, before
>it got scanned by my MailScanner:
>
> Received: from coll.pair.com (coll.pair.com [209.68.1.53])
> by Beryl.Rockstone.co.uk (8.11.4/8.11.4) with SMTP id h7JGEYr12229
> for <traveleshop at lindawatts.co.uk>; Tue, 19 Aug 2003 17:14:34 +0100
> Message-Id: <200308191614.h7JGEYr12229 at Beryl.Rockstone.co.uk>
> Received: (qmail 9747 invoked by uid 22276); 19 Aug 2003 16:14:34 -0000
> Delivered-To: rachael-traveleshop:com-WebMaster at TravelEShop.com
> Received: (qmail 9552 invoked from network); 19 Aug 2003 16:14:19 -0000
> Received: from mailgate.bvca.co.uk (HELO MARY-JANE) (62.49.96.186)
> by coll.pair.com with SMTP; 19 Aug 2003 16:14:19 -0000
> From: <hitheredavehume at hotmail.com>
> To: <WebMaster at TravelEShop.com>
> Subject: Re: Re: My details
> Date: Tue, 19 Aug 2003 17:12:53 +0100
> X-MailScanner: Found to be clean
> Importance: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MSMail-Priority: Normal
> X-Priority: 3 (Normal)
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="_NextPart_000_01CEAFFF"
>
>As you can see, the order in which the headers appear clearly show that the
>"X-MailScanner: Found to be clean" was included by the sender, not appended
>by a mail server somewhere along the way :)
I guess someone out there is trying to say "Hello"...
In that case, "Hello" to you. I would say I'm pleased to meet you, but I'm
not. I wish we lived in a world where MailScanner wasn't necessary.
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
More information about the MailScanner
mailing list