Security Incidents mailing list archives
Re: Yahoo mail
From: "Aaron D. Turner" <aturner () ONESECURE COM>
Date: Fri, 10 Nov 2000 11:48:43 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pretty simple actually. Just look in the email headers of the email. You'll find a line like this right above the date/from fields in the headers: Received: from [xxx.xxx.xxx.xxx] by web10706.mail.yahoo.com where xxx.xxx.xxx.xxx is the IP address of the client web browser, NOT the yahoo.com server. - -- Aaron D. Turner Security Architect, OneSecure http://www.onesecure.com/ aturner () onesecure com work: 408-992-8045 cell: 408-314-9874 pub 1024D/1B57EB4D 2000-09-27 Aaron D. Turner <aturner () onesecure com> Key fingerprint = F90C BFB4 4404 5504 295D 4435 578B 1DD5 1B57 EB4D All emails by me are PGP signed; a lack of signature indicates a forgery. On Thu, 9 Nov 2000, Darren Welch wrote:
Hi everyone! Someone in our company received an email from a person at Yahoo mail. I want to track the source of the email but am I correct that the trace will only lead me to the smtp server at Yahoo. Is there a way to find out the IP address of the person before it got to the yahoo mail server without a subpeona? Thanks Darren Welch Information Security Administrator Wyeth Ayerst Laboratories Phone: 610-902-2676 welchd () labs wyeth com
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Public key 0x1B57EB4D at: http://www.keyserver.net/en/ Filter: gpg4pine 4.1 (http://azzie.robotics.net) iEYEARECAAYFAjoMUR0ACgkQV4sd1RtX6008KACglOeGJbRpZyG+4TX+RQ0wFd0F 8A0AoJUU7la2khy6JdadEhe4SQGZB3oh =Brlw -----END PGP SIGNATURE-----
Current thread:
- Yahoo mail Darren Welch (Nov 11)
- Re: Yahoo mail Derick Schuetz (Nov 13)
- Re: Yahoo mail Sean Sosik-Hamor (Nov 13)
- Re: Yahoo mail Aaron D. Turner (Nov 13)
- Re: Yahoo mail Matt Wronkowski (Nov 13)
- <Possible follow-ups>
- Re: Yahoo mail J. Oquendo (Nov 13)