[Dshield] Unidentifiable e-mail

Tony Earnshaw tonye at billy.demon.nl
Wed Jan 28 00:03:32 GMT 2004


tir, 27.01.2004 kl. 17.40 skrev Josh Tolley:

> It doesn't need a To line... The virus connects to a mail server, gives 
> it MAIL FROM and RCPT TO commands, and then gives it the text of the 
> email with whatever headers it wants, which the mail server entirely 
> ignores. Most email servers that I've messed with (not many) won't 
> modify those headers, or do anything at all with them. If you're writing 
> a Perl script or something to send email using sendmail or an 
> equivalent, the message you write goes through an SMTP client, which 
> often *does* look at the headers to know where to go. But once the 
> message gets to an SMTP server, anything apart from the Received header 
> is largely irrelevant.

I don't know *why* those who haven't ever looked at rfc[2]821 *dare* to
post things like this. Probably trying to emulate "Sir" Bill Gates.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl




More information about the list mailing list