vision2020
Spam Mail
- To: vision2020@moscow.com
- Subject: Spam Mail
- From: David Camden-Britton <davidcb@turbonet.com>
- Date: Tue, 29 Oct 2002 10:04:41 -0800
- Resent-Date: Tue, 29 Oct 2002 10:06:20 -0800 (PST)
- Resent-From: vision2020@moscow.com
- Resent-Message-ID: <q45qlB.A.F-J.Z4sv9@whale2.fsr.net>
- Resent-Sender: vision2020-request@moscow.com
In case you don't see all the neat things going on with an e-mail header,
here's a comparison between Dale Courtney's legitimate message to Bill
London, and the original spam message that was sent in Bill's name.
Important differences have been highlighted.
[Legitimate Message Header]
Resent-Date: Tue, 29 Oct 2002 05:21:58 -0800 (PST)
From: "Dale Courtney" <dmcourtn@moscow.com>
To: <vision2020@moscow.com>
Subject: RE: Gasb34 What is Asset Management & why does it matter?
Date: Tue, 29 Oct 2002 05:21:48 -0800
X-Mailer: Microsoft Outlook, Build 10.0.4024
Importance: Normal
X-Mailing-List: <vision2020@moscow.com> archive/latest/4040
[Forged "From" Field]
Resent-Date: Tue, 29 Oct 2002 00:26:03 -0800 (PST)
Subject: Gasb34 What is Asset Management & why does it matter?
Sender: "Webamster" <ams@gasb34.us>
Date: Tue, 29 Oct 2002 00:21:03 -0800
To: vision2020@moscow.com
From: london@moscow.com
Reply-to: vision2020@moscow.com
X-Mailing-List: <vision2020@moscow.com> archive/latest/4039
====================================================================
The fields in blue are interesting because they show what e-mail client
Dale was using. As for the red, that's the original sender of the
message. The "From" field was filled in with Mr. London's name,
and ta-da, spam that appears to come from someone else. A legit message
from Bill has these fields, since he is using Mozilla's e-mail
client:
X-Mailer: Mozilla 4.5 [en]C-CCK-MCD (Win98; I)
X-Accept-Language: en
So, poking through the message headers can often be a rather interesting
diversion for a gloomy grey morning.
---
David Camden-Britton -=)*(=- davidcb@turbonet.com
Back to TOC