Security Basics mailing list archives

Re: Basically Lazy - Email Header Analysis

From: J.Reilink <digiover () dsinet org>
Date: Fri, 30 May 2003 07:33:01 +0200

Hi Andy,

----- Original message -----
On Sat, 25 Oct 2003 11:43:23 +0100
"Andy Cuff [talisker]" <offthecuff () lineone net> wrote in message
<001d01c39ae4$d5af6ad0$e800a8c0@BusterGonad>:

Hi
Whilst drowning my sorrows in the UK rain following our resounding
defeat in the Eurovision song contest (Politics in Europe surely not
!!)  I have turned my attention to email headers.


Like the Netherlands did great.... Must say I have to visit Iceland
sometime... ;-)

Whilst I'm quietly confident about manually analysing email headers, 
I'm looking for tools or web resources that will automate some of the
process. There are plenty of anti-spam resources such as
http://combat.uxn.com/ and http://www.spamhaus.org/ to identify
spammers and there is the infamous Sam Spade for testing Open Mail
Relay Agents. There are a plethora of how-to's and FAQ's about
analysing headers manually.   But I haven't found many resources that
analyse the headers in sufficient accurate detail.


You have mentioned Sam Spade for testing Open Mail Relay Agents, Sam
Spade (the tool, not the site) also has an header analysis tool. It's
somewhere in the menu, called "parse headers" or something like that
(don't have a copy here atm).

The header parsing tool isn't perfect, last time I checked, but it
works.

Personally I would rather run a tool on my own system than put my
headers through a 3rd party website but there are a few sites that
seem to do it fairly well such as http://www.3dmail.com/spam/ which
whilst spam focussed seems fairly comprehensive, though sadly a beta
which hasn't been updated in a year.


Some mentioned SpamCop and I must say it works pretty good.
You could also write your own tool in whatever language you'd like, many
*nix commandline commands are at your disposal: host, vrfy, dig, etc.

Regards, Jan

-- 
Dutch Security Information Network: http://www.dsinet.org

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Basically Lazy - Email Header Analysis Andy Cuff [talisker] (May 26)
- RE: Basically Lazy - Email Header Analysis David Gillett (May 27)
- Re: Basically Lazy - Email Header Analysis stefmit (May 27)
- Re: Basically Lazy - Email Header Analysis Jeremy Anderson (May 30)
- Re: Basically Lazy - Email Header Analysis J . Reilink (May 30)
- <Possible follow-ups>
- Re: Basically Lazy - Email Header Analysis Ian (May 27)
- Re: Basically Lazy - Email Header Analysis David Vertie (May 27)
- RE: Basically Lazy - Email Header Analysis Mike Heitz (May 27)