Security Basics mailing list archives

Re: Basically Lazy - Email Header Analysis

From: "David Vertie" <verticalrave () hotmail com>
Date: Tue, 27 May 2003 08:12:24 +0000

You can very easily write a dirty n quick parser to clip stuff from headersin Perl or PHP. It is not very hard to do, and will take someone experiencedwith data extrapolation only a good weekend or so.

But otherwise, I haven't seen very many e-mail header analysis tools in thewild. (Or it might be that i'm not looking hard enough.) There probably area couple of people who have coded some header analysis tools out there,because for many simple applications, come alot of applications..


David

From: "Andy Cuff [talisker]" <offthecuff () lineone net>
Reply-To: "Andy Cuff [talisker]" <talisker () networkintrusion co uk>
To: <security-basics () securityfocus com>
Subject: Basically Lazy - Email Header Analysis
Date: Sat, 25 Oct 2003 11:43:23 +0100

Hi

Whilst drowning my sorrows in the UK rain following our resounding defeatin

the Eurovision song contest (Politics in Europe surely not !!)  I have
turned my attention to email headers.

Whilst I'm quietly confident about manually analysing email headers,  I'm
looking for tools or web resources that will automate some of the process.
There are plenty of anti-spam resources such as http://combat.uxn.com/ and
http://www.spamhaus.org/ to identify spammers and there is the infamous Sam
Spade for testing Open Mail Relay Agents. There are a plethora of how-to's
and FAQ's about analysing headers manually.   But I haven't found many
resources that analyse the headers in sufficient accurate detail.

Personally I would rather run a tool on my own system than put my headers
through a 3rd party website but there are a few sites that seem to do it
fairly well such as http://www.3dmail.com/spam/ which whilst spam focussed

seems fairly comprehensive, though sadly a beta which hasn't been updatedin

a year.

Any recommendations websites or tools would be greatly appreciated, ifthere

is a sufficient response I will collate the information onto a new page for
the website below and post a summary to this list

cheers, and for the Brits have a good Bank Holiday Weekend I hope the
weather is better where you are!

take care
-andy
Taliskers Network Security Tools
http://www.networkintrusion.co.uk


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point,

Hacking & Assessment, Cisco Security, Wireless Security & more! RegisterNow!

--UP TO 30% off classes in select cities--
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------


_________________________________________________________________

STOP MORE SPAM with the new MSN 8 and get 2 months FREE*http://join.msn.com/?page=features/junkmail



---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Basically Lazy - Email Header Analysis Andy Cuff [talisker] (May 26)
- RE: Basically Lazy - Email Header Analysis David Gillett (May 27)
- Re: Basically Lazy - Email Header Analysis stefmit (May 27)
- Re: Basically Lazy - Email Header Analysis Jeremy Anderson (May 30)
- Re: Basically Lazy - Email Header Analysis J . Reilink (May 30)
- <Possible follow-ups>
- Re: Basically Lazy - Email Header Analysis Ian (May 27)
- Re: Basically Lazy - Email Header Analysis David Vertie (May 27)
- RE: Basically Lazy - Email Header Analysis Mike Heitz (May 27)