[Dshield] Email Headers

Ed Truitt ed.truitt at etee2k.net
Fri Jun 7 13:05:07 GMT 2002

I run them through http://spamcop.net - this site has a pretty good header
analysis program, and you can also send out a pseudo-anonymous report to the
originator's abuse desk.

If the emails are legitimately coming from Yahoo!, Hotmail, and other
web-based services, there are ways of identifying the point of origin.  In
Hotmail's case, IIRC you look for the "X-Originating-IP" header (BTW, this
is also an easy way to see if someone is "spoofing" a Hotmail address).

Ed Truitt
PGP fingerprint:  5368 D25E 468C A250 9833  CCD6 DBAE 9C25 02F9 0AB9

"Note to spammers:  my 'delete' key is connected to YOUR ISP.
 Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."

More information about the list mailing list