[Techtalk] Reading Email headers

Jason Guidry jason at hilconet.com
Sat Apr 20 21:00:29 EST 2002


It looks like someone has decided that I don't have enough headaches and 
has started sending me viri.  Normally this would not bother me, but the 
problem is that the from line shows my email address on my website 
<jason at gmaestro.org>!

the email has been sent twice, from me, to me, containing some kind of 
virus.  I looked at the email source, but I can't figure out what's 
going on.

Can anyone help me figure out these headers so I can pinpoint what I 
need to yell at my hosting company about?

<start message>

 From - Sat Apr 20 20:40:48 2002
X-UIDL: 8b5be4b6a82a0200
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Received: by hilcos02 (mbox jason)
  (with Cubic Circle's cucipop (v1.31 1998/05/13) Sat Apr 20 20:39:20 2002)
X-From_: sis at hongkong.com Sat Apr 20 19:32:29 2002
Received: from mail.itmom.com (mail.itmom.com [64.214.129.197])
	by hilcos01.hilconet.com (8.11.6/8.11.6) with SMTP id g3L0W9805514
	for <jason at hilconet.com>; Sat, 20 Apr 2002 19:32:12 -0500 (CDT)
Received: (qmail 71527 invoked by uid 89); 21 Apr 2002 00:28:14 -0000
Date: 21 Apr 2002 00:28:14 -0000
Message-ID: <20020421002814.71526.qmail at mail.itmom.com>
Delivered-To: jason at gmaestro.org
Received: (qmail 71520 invoked from network); 21 Apr 2002 00:28:09 -0000
Received: from unknown (HELO hongkong.com) (202.84.12.154)
   by mail.itmom.com with SMTP; 21 Apr 2002 00:28:09 -0000
Received: from Aktf([66.24.19.151]) by hongkong.com(JetMail 2.5.3.0)
	with SMTP id jm1043cc264ba; Sun, 21 Apr 2002 00:26:20 -0000
From: jason <jason at gmaestro.org>
To: jason at gmaestro.org
Subject: Sos!
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary=M4rTJ77P7ArjCa9441gts990W2LB69X
Content-Length: 138959

--M4rTJ77P7ArjCa9441gts990W2LB69X
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable

<HTML><HEAD></HEAD><BODY>
<iframe src=3Dcid:Yzz5x1u46C441sg757O height=3D0 width=3D0>
</iframe>
<FONT></FONT></BODY></HTML>

--M4rTJ77P7ArjCa9441gts990W2LB69X
Content-Type: audio/x-midi;
	name=rocker_john[1].pif
Content-Transfer-Encoding: base64
Content-ID: <Yzz5x1u46C441sg757O>

This is followed by several hundred lines of gibberish.

any help is much appreciated.

-- 
Jason Guidry
http://www.gmaestro.org












More information about the Techtalk mailing list