Being at a university with large mailing list setups, you get used to the hackers who use the mass mailouts to send you pharmaceutical crap emails, usually with the name of someone from the list on top. Today I got one from me.
Outlook lets you look at the internet headers under options (something I see the NCIS guys going on TV...and any other cop show for that matter), so I did, feeling all investigative. And lo and behold, one of the lines says "recieved from localhost (local host [series of numbers] (may be forged))"...I sent an email from myself and this line said "recieved from my computer name, mycomputer .proper university address"...no may be forged thing. There's also another line where message ID clashes with recieved from ID.
Now, what I'd like to know is, if the header can identify possible forgeries, why can't the university system flag these, stop them getting through and require a manual check from a wetware technical person to see if it can legitimately be passed on?
I can see why a fake outside name might not be picked up, but with internal people, the email addresses are known. Maybe its because so many people have multiple addresses, with setups to get return addresses to their alternative address.
I'd do without all that flash if it meant I didn't get so many viagra commercials.
BTW if you got something from me entitled "And Jerusalem, And I will not perish at noon", with a pharmaceutical advertisement in it, I didn't send it. So far as I know, I've never sent or recieved an email with those words in it either, so its not a hack into my email, just the system storing my email address.
No comments:
Post a Comment