[Dshield] Can an SMTP Client be Spoofed?

David Cary Hart DShield at TQMcube.com
Mon Apr 24 15:29:36 GMT 2006


While I realize that headers are subject to manipulation, I have
always assumed that the IP address of the connecting machine (as
represented in the mail log) has an extraordinary probability of
being correct. Is my assumption valid?

Getting back to the headers, has anyone seen a situation where the
client depicted in the email headers does not match the client
depicted in the logs?

-- 
Our DNSRBL - Eliminate Spam: http://www.TQMcube.com
Multi-RBL Check: http://www.TQMcube.com/rblcheck.php
The Dirty Dozen Spammiest Ranges: http://tqmcube.com/dirty12.php



More information about the list mailing list