[CLUE-Tech] SMTP Envelope Question
Jed S. Baer
thag at frii.com
Sun Nov 10 14:34:01 MST 2002
Hi Folks.
I thought I understood enough about SMTP headers to track spam back to the
originiting machine, and thus identify the owner of the IP address. This
one has me scratching my head a bit.
Received: from redshift.com ([156.148.56.6])
by betades.freeserve.co.uk (8.9.3/8.9.3) with SMTP id 30243
The IP address 156.148.56.6 is owned by CERN. redshift.com has address
216.228.2.86. I have no idea what the (8.9.3/8.9.3) notation means.
Are spammers now using some hacked-up SMTP programs that forge data in the
initial envelope, or going through servers which intentionally mis-resolve
hosts/addresses?
jed
--
We're frogs who are getting boiled in a pot full of single-character
morphemes, and we don't notice. - Larry Wall; Perl6, Apocalypse 5
More information about the clue-tech
mailing list