Security Basics mailing list archives

Re: Email headers

From: Luigi Grandini <l.grandini () sinergy it>
Date: Fri, 21 Feb 2003 02:14:42 +0100

There is a lot of documentation on the rfc on the mail header structure.
Normally in the mail header is write the "sending ip address of the 
mail" doesn't mean obviously it is the real ip ( spoofing / bouncing ). 

anyway:

Check RFC2505 BCP0030 ( Anti-Spam recommendation for SMTP MTAs ) is a 
nice brefiew of some recomandations. 
Normally i suggest if you have to install a mailserver to take care 
first of the policy to be "forced" to the employes and verify in your 
country if the policy are "law compliant" cause in a lot of cases i saw 
that virus are sent from the users you got ( this is common in italy 
were a lot of company don't have an antivirus installed on their 
network ).

At disposition.

Bye

Luigi Grandini
IT Security Evangelist
www.sinergy.it

----- Original Message -----
From: Marty <marti () videotron ca>
Date: Thursday, February 20, 2003 7:32 pm
Subject: Email headers

Hi group,

Could someone explain how to decipher Email header? How can we 
know the
real sender of spam or virus email?

Thanks,

Marty

Current thread:

Email headers Marty (Feb 20)
- RE: Email headers David Gillett (Feb 22)
- links for decoding e-mail headers Re: Email headers Nigel Dyson-Hudson (Feb 22)
- RE: Email headers John Tolmachoff (Feb 22)
- Re: Email headers Matti Haack (Feb 22)
- Re: Email headers Richard H. Cotterell (Feb 24)
- <Possible follow-ups>
- Re: Email headers Ivan Coric (Feb 20)
- Re: Email headers Luigi Grandini (Feb 22)
- RE: Email headers Vince Dang (Feb 22)
- RE: Email headers Lucas Zaichkowsky (Feb 22)