Help analyze this, how can she be hacked
Walter Dnes
waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org
Wed Dec 21 08:54:36 UTC 2011
On Wed, Dec 21, 2011 at 01:13:19AM -0500, Antonio Sun wrote
It's been years since I frequented NANAE, but my take is that you
trust only the topmost "Received:" header with an IP address.
> Received: from [117.195.97.137] by web88605.mail.bf1.yahoo.com via HTTP; Tue, 20 Dec 2011 12:24:44 PST
The 117.195.96.0/20 address block (117.192.0.0 - 117.207.255.255)
belongs to BSNL Internet in India, according to a whois lookup. Unless
she's in India, I doubt its her. Someone may have gotten at her
contact list, and be forging emails from her. Spammers will forge
emails from a person to everyone in their contact list. The idea is
that people are more likely to open emails from someone they know.
--
Walter Dnes <waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org>
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list