[Dshield] Spam Trek - The Next Generation
David.Sentelle at cnbcbank.com
Mon Jun 10 12:40:42 GMT 2002
(Sorry for the top-posting, but groupwise won't indent the message being replied to)
Ah, thanks for the note. I looked at the email again before deleting it this weekend, and it must have passed through an odd MTA, because there was no 'for <address>' portion. I'd also BCCed my posting to the dshield to my home address and saw how the header looked then, too. In my BCC to myself, I could seen where it was 'for <address>', so I'm not JUST a spaz. :)
Network Operations Specialist
Commerce National Bank
614.334.6282 Voice 614.848.8830 Fax
>>> "Jon R. Kibler" <Jon.Kibler at aset.com> 06/07/02 06:28PM >>>
David Sentelle wrote:
> While we're on the subject of spam.....
> I've not yet tried spamcop's or samspade's message header parsing programs, but usually I can look at the header and at LEAST figure out
> which of my email addresses the spam was sent to.
> Recently, I've gotten several emails where even that was not discernable. I'm going to try the tools mentioned in today's digest, but I
> don't expect them to turn up anything.
> My question is how can I get email that doesn't have my email address in the full header?
> TIA & good weekend to all-
If you are Bcc:-ed on a email, most sending MTAs will just do a 'RCPT <address>' and that will route the message to your address. Most receiving MTAs will then add a 'for <address>' to the Received: header.
Hope this helps.
This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to which
they are addressed. If you have received this e-mail in error,
please notify admin at cnbcbank.com and delete it from your system.
More information about the list