And a good way to get mail delivered to your destination of choice without paying 
postage...

Or so I hear  ;)

(old college trick).


Stan Lyzak
BSEE, CISSP, MCSE, CCNA, Security+, A+
Network Security Engineer
ASysTech, Inc.



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Callahan
Sent: Thursday, February 26, 2004 2:38 PM
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] Netsky question

I find myself explaining this to non-technical folks a lot.  I found that the best way 
to explain it is to tell them that it's like sending out 100 pieces of mail (snail 
mail) to random addresses and putting someone else's return address on the envelope.  
This way anything that cannot be delivered is returned to someone else and not to you.  
People seem to understand this really well.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Stanley Lyzak
Sent: Thursday, February 26, 2004 11:06 AM
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] Netsky question


I have a follow up point to make on this.

The virus may not forge the IP address, but it does forge the email address/domain 
name of the apparent sender.

In the email you receive with the virus, it will record the IP of the sending mail 
server.

If the sent to user/domain is non-existent, a bounce message will be sent back to the 
faked person's IP (not the IP of the real person sending the virus) based on the 
domain name information.


So if it's not a bounce message, you have the right IP of who sent you the virus 
message.

If it's a bounce message, you have the IP of the person the virus was targeted to, but 
who rejected it and sent it back to you instead of the person who sent it out in the 
first place.


This is the reason I have to explain this problem, over and over again to a lot of 
people.
 
It's a difficult point to get across to a non-technical person (and some technical 
ones that don't understand SMTP and DNS).


Keeps us busy though   :)


Stan Lyzak
BSEE, CISSP, MCSE, CCNA, Security+, A+
Network Security Engineer
ASysTech, Inc.



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Thursday, February 26, 2004 10:29 AM
To: [EMAIL PROTECTED]
Subject: Re: [IMail Forum] Netsky question


>Is any virus able to forge the ip from in the header?

No.  No virus forges the IP address, nor is it expected that any ever will.  It is 
extremely difficult (nearly impossible) to forge the IP address.  The IP address is 
the one completely reliable piece of information about an E-mail that is received that 
contains a virus.

                                                    -Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability 
detection.
Find out what you've been missing: Ask for a free 30-day evaluation.

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]


To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
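
The distinction drawn in the thread above (the recorded IP is reliable, but whose IP it is depends on whether the message is a bounce), as an added example that is not from any poster in the thread. The two sample messages are constructed with documentation IP ranges and example domains, and the code assumes the topmost Received header was written by your own mail server.

```python
import email
import re

# Constructed samples: documentation IP ranges and example domains only.
DIRECT = """\
Return-Path: <alice@example.org>
Received: from pc17 (unknown [203.0.113.45])
\tby mx.recipient.example with SMTP; Thu, 26 Feb 2004 10:00:00 -0500
Received: from mail.example.org ([192.0.2.99]) by pc17; Thu, 26 Feb 2004 09:59:00 -0500
From: alice@example.org
To: me@recipient.example
Subject: Re: Hello

see attachment
"""

BOUNCE = """\
Return-Path: <>
Received: from mx.target.example (mx.target.example [198.51.100.7])
\tby mx.recipient.example with ESMTP; Thu, 26 Feb 2004 10:05:00 -0500
From: MAILER-DAEMON@mx.target.example
To: me@recipient.example
Subject: Undeliverable mail
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

User unknown: the address this was sent to does not exist.
--b1--
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def classify(raw):
    """Return (connecting_ip, kind) where kind is 'direct' or 'bounce'."""
    msg = email.message_from_string(raw)
    # Assumption: the topmost Received header was written by our own server,
    # so its bracketed IP is the host that really connected to us. Lower
    # Received lines and the From line are sender-supplied and can be forged.
    received = msg.get_all("Received", [])
    m = IP_RE.search(received[0]) if received else None
    ip = m.group(1) if m else None
    # A bounce uses the null envelope sender and/or the delivery-status report type.
    is_bounce = (msg.get("Return-Path", "").strip() == "<>"
                 or (msg.get_content_type() == "multipart/report"
                     and msg.get_param("report-type") == "delivery-status"))
    return ip, ("bounce" if is_bounce else "direct")

if __name__ == "__main__":
    for name, raw in (("direct", DIRECT), ("bounce", BOUNCE)):
        print(name, classify(raw))
```

A "direct" result means the IP is the host that sent you the virus message; a "bounce" result means the IP is the server that rejected the forged message and returned it to the faked sender.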