Re: an interesting article
elson at pico-systems.com
Tue Jul 25 11:54:12 CDT 2017
On 07/25/2017 09:57 AM, Paul Koning via cctalk wrote:
>> On Jul 25, 2017, at 10:50 AM, geneb via cctalk <cctalk at classiccmp.org> wrote:
>> On Tue, 25 Jul 2017, Leigh Paulson via cctalk wrote:
>>> I've just found that article and thought it might be really helpful to you, you may find it here http://coffeesystem.malware/principal.php?4647
>>> Warm regards, Leigh Paulson
>> Jay, I'll take "EMail Accounts That Have Been Compromised" for $200.
> Be careful with that assumption. It is very common for criminal email to have forged source addresses. Just like it's common for criminal phone calls to have forged caller IDs. A look at the routing headers will often give you a clue; most of the time the source of the message is some nameless third world computer nowhere close to the server responsible for the faked sender address.
Yup, I get "unable to deliver email" messages from mail
servers all the time, saying that a message I sent could not
be delivered. Sometimes they show the full headers, and the
IP the original message came from was clearly not mine.
At least most US ISPs now dump all mail that does not show a
From: address within their network. A pain when you are on
the road, but it does cut down on the spam.
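
Added example, not part of the original message: a sketch of the routing-header check discussed in this thread, comparing the IP recorded by your own mail server with the networks the From: domain is known to send from. The sample message, the host names, the `KNOWN_NETWORKS` table and the function names are all constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: From: claims example.org, but the hop recorded by our
# own server (mx.example.net) shows a client outside example.org's range.
SAMPLE = """\
Received: from mail.example.org (unknown [203.0.113.77])
\tby mx.example.net (Postfix) with ESMTP id ABC123
\tfor <list@example.net>; Tue, 25 Jul 2017 09:40:01 -0500 (CDT)
Received: from mail.example.org (mail.example.org [192.0.2.10])
\tby relay.invalid with ESMTP; Tue, 25 Jul 2017 09:39:58 -0500
From: Someone <someone@example.org>
To: list@example.net
Subject: an interesting article

body
"""

# Assumed for the example: address space each sender domain really mails from.
KNOWN_NETWORKS = {"example.org": ["192.0.2.0/24"]}

IP_LITERAL = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_HOST = re.compile(r"\bby\s+([\w.-]+)", re.I)

def connecting_ip(raw, trusted_mx):
    """IP recorded by the first Received: header that trusted_mx stamped.
    Headers below that one were supplied by the sender and may be forged."""
    msg = message_from_string(raw)
    for hop in msg.get_all("Received", []):
        by = BY_HOST.search(hop)
        ip = IP_LITERAL.search(hop)
        if by and ip and by.group(1).lower() == trusted_mx:
            return ipaddress.ip_address(ip.group(1))
    return None

def from_is_plausible(raw, trusted_mx):
    """True if the connecting IP lies in a network known for the From: domain."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    ip = connecting_ip(raw, trusted_mx)
    nets = KNOWN_NETWORKS.get(domain, [])
    return ip is not None and any(ip in ipaddress.ip_network(n) for n in nets)

if __name__ == "__main__":
    print(connecting_ip(SAMPLE, "mx.example.net"),
          from_is_plausible(SAMPLE, "mx.example.net"))
```

The lower Received: line in the sample carries an in-range address, which is why only the hop stamped by the trusted server is used.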