Chuck Carson writes:

> 2) This FAQ is _light years_ behind current software engineering. EVERY
> piece of data transferred via any form of network (ie: the internet) is
> broken into packets and these packets contain two addresses. Where it is
> going and where it is from. This is much deeper than netscape mail or any
> other mail program deals with. If you wanted to alter the packet addresses
> you would have to be on a backbone router, such as sprintnet machines.
> (yea you can alter it from your machine or server, but the backbone machines
> append its stamp to each packet)

[annoying buzzer like The Price is Right]

This is all very nice, but it's irrelevant because nobody keeps logs
detailing the source, destination, and content of every IP packet that
traverses the net.

The FAQ that was posted, while off-topic and far from comprehensive,
actually does a good job of explaining the basics of how internet mail is
forged, and could be recommended reading for anyone who wants to understand
the core techniques.

I would suggest that any further forged messages be forwarded by the victim
(with all header information intact and a brief note explaining the problem)
to "postmaster" at whatever domains are mentioned in the mail header. The
full header information, combined with the content of the appropriate
syslogd file on the indicated mail host, will often be enough to pinpoint
the culprit.

Edward Almasy
Axis Data
almasy@axisdata.com

+-----------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://cspo.queensu.ca/~fletcher/Circle/list_faq.html     |
+-----------------------------------------------------------+
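The header review suggested in the message above can be sketched as follows. This is an added example, not part of the original post: it walks the Received lines of a message, flags hops where the name the sender claimed differs from the name the receiving host recorded, and lists postmaster addresses for the hosts that handled the mail. The sample message, its host names and the function names are constructed for illustration, and real Received lines vary more than this one pattern covers.

```python
import re
from email import message_from_string

# Constructed sample message; every host and address here is made up.
SAMPLE = """\
Received: from mail.relay.example (mail.relay.example [192.0.2.10])
\tby mx.victim.example with SMTP id AA001; Mon, 2 Jun 1997 10:00:05 -0700
Received: from forged-name.example (dialup7.isp.example [198.51.100.7])
\tby mail.relay.example with SMTP id BB002; Mon, 2 Jun 1997 10:00:01 -0700
From: someone@forged-name.example
To: user@victim.example
Subject: constructed example

body
"""

# "from <claimed name> (<name the receiver resolved> [<ip>]) by <receiver>"
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)"
    r"(?:\s+\((?P<rdns>[^\s\[\]()]+)?\s*\[(?P<ip>[0-9a-fA-F.:]+)\]\))?"
    r".*?\bby\s+(?P<by>\S+)", re.S)

def received_hops(raw):
    """Return the Received hops, newest first, as dicts."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if m:
            hops.append(m.groupdict())
    return hops

def helo_mismatches(hops):
    """Hops whose claimed name differs from the name the receiver recorded."""
    return [h for h in hops
            if h["rdns"] and h["helo"].lower() != h["rdns"].lower()]

def postmaster_contacts(hops):
    """postmaster@ each handling host, in order, without duplicates.
    Choice made for this example: only names written by a receiving host
    are used, because the claimed name is supplied by the sender."""
    seen = []
    for h in hops:
        for host in (h["by"], h["rdns"]):
            addr = "postmaster@" + host.lower() if host else None
            if addr and addr not in seen:
                seen.append(addr)
    return seen
```

The id values in each Received line (AA001 and BB002 in the sample) are what a postmaster would look up in that host's mail log.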
This archive was generated by hypermail 2b30 : 12/18/00 PST