X-Gmail-Received: db99d6bc6afb04f3ce9a7c98f26f53aa49c431caGmail has no reference to my IP at all since im directly using Gmail's SMTP and my email client is configured not to add the originating IP in the mail header. So if you trace me you will just trace it back to Gmail but not to my Router's IP.
Received: by 10.37.20.48 with HTTP; Sat, 13 May 2006 03:04:47 -0700 (PDT)
Message-ID: <[EMAIL PROTECTED]>
Date: Sat, 13 May 2006 18:04:47 +0800
From: "Roger Filomeno" < [EMAIL PROTECTED]>
To: "Philippine Linux Users' Group (PLUG) Technical Discussion List" <[email protected] >
Subject: Re: [plug] Email origin
In-Reply-To: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_8769_265309.1147514687337"
References: <[EMAIL PROTECTED] >
<[EMAIL PROTECTED]>
<[EMAIL PROTECTED] >
<[EMAIL PROTECTED]>
<[EMAIL PROTECTED] >
Delivered-To: [EMAIL PROTECTED]
------=_Part_8769_265309.1147514687337
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On 5/13/06, Eri Mendz <[EMAIL PROTECTED]> wrote:
So what are you guys saying now: that it is *likely* to get forged emails using specialized means?
I still give myself benefit of the doubt and verify my remote contact through live interaction like phone calls and the like.
On Sat, 13 May 2006 18:04:47 +0800
"Roger Filomeno" <[EMAIL PROTECTED]> wrote:
> >The real kicker is using a customised smtp server or a network of smtp
> servers.
> you can use fsockopen to connect to an open relay server, then most
> servers also removes the client's sender IP in which case it will just
> lead you to a dead end at the mail server's IP
>
> :)
>
> On 5/13/06, Rogelio Serrano <[EMAIL PROTECTED]> wrote:
> >
> > On 5/13/06, Eri Mendz < [EMAIL PROTECTED]> wrote:
> > > So ang huling "Received: from" pala matutukoy. Pwde ba to ma forge or
> > no? In my case im looking at several emails that i have suspicion with
> > however the originating ip's point to the same location. The strange
> > thing is: in the email body the company address shown is different,
> > eg., UK ang office pero ang ip origin Nigeria. Possible ba to?
> > >
> > > Thank you Peter sa input mo.
> > >
> >
> > All headers in an smtp email can be forged.
> >
> > The "received from:" header chain cannot be forged though. Additional
> > entries can be added before the email is actually sent. and the real
> > ip can actually be found after the first few inserted headers.
> >
> > The real kicker is using a customised smtp server or a network of smtp
> > servers.
> >
> > The only practical way to protect yourself from forged smtp headers is
> > to use signed email or use x.400 ;-)
> >
> > I heard the us military is using x.400 email to send and receive data.
> > Even among planes and tanks. Imagine what it would be like if they
> > used smtp instead.
> >
> > --
> > www.smsglobal.net SMS Global Ltd Short Message Service For Seafarers
> > _________________________________________________
> > Philippine Linux Users' Group (PLUG) Mailing List
> > [email protected] (#PLUG @ irc.free.net.ph)
> > Read the Guidelines: http://linux.org.ph/lists
> > Searchable Archives: http://archives.free.net.ph
> >
>
>
>
> --
> --
> To contact me anytime and anywhere via SMS:
> MSG GODIE <YOUR MESSAGE>
> then send to 2948 for Globe/Sun and 3940 for Smart.
>
> You want to have your own Mobile Address like me? Get it FREE at
> www.Txtmokko.com
> --
> PUT YOUR ADS ON THE HAND OF 35 MILLION PEOPLE. GET YOUR DOMAIN FOR MOBILE
> AT http://www.TxtDOMAIN.com
> _
> Roger P. Filomeno
> Mobile Specialist / R&D
> http://corruptedpartition.blogspot.com/
>
> * Finger Apps Inc, http://fingerapps.com * TXTMOKKO,
> http://txtmokko.com* MyAyala,
> http://myayala.com * KayaMoney e-Commerce, http://kayamoney.com/ *
> KayaShop e-Market, http://kayamoney.com/shop/ * Registered Linux User #
> 367694 * PGP IDs: 0xCB5F3FF7 / 0xDF7D2589 ( http://keyserver.pgp.com)
>
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
--
--
To contact me anytime and anywhere via SMS:
MSG GODIE <YOUR MESSAGE>
then send to 2948 for Globe/Sun and 3940 for Smart.
You want to have your own Mobile Address like me? Get it FREE at www.Txtmokko.com
--
PUT YOUR ADS ON THE HAND OF 35 MILLION PEOPLE. GET YOUR DOMAIN FOR MOBILE AT http://www.TxtDOMAIN.com
_
Roger P. Filomeno
Mobile Specialist / R&D
http://corruptedpartition.blogspot.com/
* Finger Apps Inc, http://fingerapps.com * TXTMOKKO, http://txtmokko.com * MyAyala, http://myayala.com * KayaMoney e-Commerce, http://kayamoney.com/ * KayaShop e-Market, http://kayamoney.com/shop/ * Registered Linux User # 367694 * PGP IDs: 0xCB5F3FF7 / 0xDF7D2589 (http://keyserver.pgp.com)
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
