[Am-info] re: Companies

Geoffrey esoteric@3times25.net
Wed, 14 Aug 2002 11:41:30 -0400 

Joe Barr wrote:
> Can you check the headers and tell us who it is?

<responding to private email back to the list, since Joe suggested I 
'tell us who it is'>

I suspect it's an aol idiot, but I'm not sure.

As I understand it, both the to and from are spoofed.  This sucks 
because I'm getting email from other servers that are telling me that 
the email I sent is infected, when I never sent the email.  Klez ripped 
my email address out of someones Outlook address book and slapped it in 
as the sender.

I've heard that the X-Apparently-From: header identifies the true 
culprit, but I've not attempted to verify that.  In this case, it is:

X-Apparently-From: NoCodeVitalogy@aol.com

If you can decipher it better than I, here are the headers:

 From - Wed Aug 14 10:09:51 2002
X-UIDL: WIg"!X62"!oYO"!&G3"!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: <Am-info@venice.essential.org>
Received: from rly-ip03.mx.aol.com (rly-ip03.mx.aol.com [64.12.138.7])
     by [65.82.36.73] (8.10.2/8.10.2) with ESMTP id g7EEBFi27376
     for <esoteric@3times25.net>; Wed, 14 Aug 2002 10:11:16 -0400
Received: from  logs-wa.proxy.aol.com (logs-wa.proxy.aol.com 
[205.188.192.14]) by rly-ip03.mx.aol.com (v87.21) with ESMTP id 
RELAYIN7-0814100145; Wed, 14 Aug 2002 10:01:45 -0400
Received: from Izrla (AC854586.ipt.aol.com [172.133.69.134])
     by logs-wa.proxy.aol.com (8.10.0/8.10.0) with SMTP id g7EDxIM100400
     for <esoteric@3times25.net>; Wed, 14 Aug 2002 09:59:18 -0400 (EDT)
Date: Wed, 14 Aug 2002 09:59:18 -0400 (EDT)
Message-Id: <200208141359.g7EDxIM100400@logs-wa.proxy.aol.com>
From: Am-info <Am-info@venice.essential.org>
To: esoteric@3times25.net
Subject: Companies.
MIME-Version: 1.0
Content-Type: multipart/alternative;
     boundary=EC8Pz0t9nwzs1yy9741
X-Apparently-From: NoCodeVitalogy@aol.com
X-UIDL: WIg"!X62"!oYO"!&G3"!



> 
> 
> On Wed, 2002-08-14 at 09:18, Geoffrey wrote:
> 
>>Well, someone on the list has the klez virus.  All you folks using the 
>>wrong OS should update your virus data files and run your virus checking 
>>software.
>>
>>-- 
>>Until later: Geoffrey		esoteric@3times25.net
>>
>>I didn't have to buy my radio from a specific company to listen
>>to FM, why doesn't that apply to the Internet (anymore...)?
>>
>>_______________________________________________
>>Am-info mailing list
>>Am-info@lists.essential.org
>>http://lists.essential.org/mailman/listinfo/am-info
> 


-- 
Until later: Geoffrey		esoteric@3times25.net

I didn't have to buy my radio from a specific company to listen
to FM, why doesn't that apply to the Internet (anymore...)?