Forged messages (was: TC May advertises cypherpunks as keeping your taxes from going to 'people of colour')
Jon 'Iain' Boone
boone at psc.edu
Mon Jan 17 11:23:30 PST 1994
Matthew J Ghio <mg5n+ at andrew.cmu.edu> writes:
>
> "gtoal at gtoal.com" <gtoal at pizzabox.demon.co.uk> writes:
>
> Note that pizzabox.demon.co.uk [158.152.8.236] doesn't tell where it got
> the message from. Could it have been longs.lance.colostate.edu? I
> liked Detweiler better when he just used anon.penet.fi.
Perhaps you just don't understand how headers work.
Often times, the machine which originats a message puts a header
in that says it "recieved" it *despite* the fact that the message
was originated on that machine. This happens (I believe) because
the mail agent submits the message to sendmail for sending. This
causes sendmail to tag it as "recieved" despite its origin on that
machine.
> P.S. I sent myself a test email by telnetting to pizzabox.demon.co.uk
> 25, but it identified the IP address I telnetted from... hopefully the
> site administrators at demon.co.uk have recognized the problem and taken
> steps to prevent further detweiling. But be on your lookout, this will
> only hold him off until he can find another SMTP port to spoof from.
Or, more likely, there was never a problem at pizzabox.demon.co.uk
and the message is either not forged or the forger submitted it
through another mechanism.
Jon Boone | PSC Networking | boone at psc.edu | (412) 268-6959
finger boone at psc.edu for PGP public key block
More information about the cypherpunks-legacy
mailing list