[nmglug] originating IP for an @yahoo.com e-mail
Aaron
eunichs at boim.com
Thu Jun 7 17:18:10 PDT 2007
Gary Sandine wrote:
> On Wed, Jun 06, 2007 at 01:22:27PM -0600, Jason Schaefer wrote:
>
>> I don't know of any web-based mail that sends the senders ip in headers. The
>> headers always seem to report the hosts (yahoo) ip as the received from.
>>
my company, unfortunately, uses Yahoo Small Business for mail service.
The headers in the messages say something like:
(helo earwig) unknown host...
myYahooUsername at mycompany.com:12.34.56.78 accepted by
login:smtp.smallbus.yahoo.com...
It identified the Yahoo account that was authenticated by the yahoo SMTP
server, AND the IP
that the request came from. It shows my home IP when sending from home,
work from work,
and starbucks when sending from a starbucks...
Their AUTHENTICATING SMTP service accepts mail from ANYWHERE.
It does echo the authenticated account. It even allows me to spoof the
sender!
I bet they are deleting account from spammers all the time.
They must have filters/throttles to keep any one account from originating
a lot of mail.
>>>> On Jun 5, 2007, at 2:28 PM, Gary Sandine wrote:
>>>>
>>>>
>>>>> I have noticed that e-mails from Yahoo Web mail generally start with
>>>>> a header like:
>>>>>
>>>>> Received: from [71.222.227.237] by web38908.mail.mud.yahoo.com via HTTP;
>>>>>
>>>>> which indicates that the e-mail was likely composed on a computer in
>>>>> Albuquerque by a Qwest DSL customer with IP 71.222.223.237.
>>>>>
>>>>> Well, I'm interested in tracking down the origin of an e-mail from
>>>>> an @yahoo address, and the first header is:
>>>>>
>>>>> Received: from [206.190.52.38] by web57409.mail.re1.yahoo.com via HTTP;
>>>>>
>>>>>
Unfortunately, it does not seem to list the Yahoo account the way our
Yahoo Small business mail does...
But that originating IP may indeed go a long way toward identifying the
sender.
aaron
More information about the nmglug
mailing list