Searching imap store headers in outlook 2003

Discussion in 'NZ Computing' started by Richard, Oct 27, 2006.

  1. Richard

    Richard Guest

    been several viruses emailed to me from a certain IP address - I want to
    search all messages in my imap folder for the address to see what real
    emails have come thru it so that I can send them an email and tell them
    to stop it and to sort their shit out

    Funnily enough the guilty IP - 222.152.16.203 is an xtra jetstream IP
    address, so obviously there blanket blocking of port 25 is doing sweet
    **** all as to stopping spam and viruses...
     
    Richard, Oct 27, 2006
    #1
    1. Advertising

  2. Richard

    NR Guest

    Richard wrote:
    > been several viruses emailed to me from a certain IP address - I want to
    > search all messages in my imap folder for the address to see what real
    > emails have come thru it so that I can send them an email and tell them
    > to stop it and to sort their shit out
    >
    > Funnily enough the guilty IP - 222.152.16.203 is an xtra jetstream IP
    > address, so obviously there blanket blocking of port 25 is doing sweet
    > **** all as to stopping spam and viruses...


    I don't think you are approaching this the right way. You cannot
    establisgh the sender of an email from the IP address it CLIAIMS to
    have come from.
     
    NR, Oct 28, 2006
    #2
    1. Advertising

  3. In message <>, NR wrote:

    > Richard wrote:
    >> been several viruses emailed to me from a certain IP address - I want to
    >> search all messages in my imap folder for the address to see what real
    >> emails have come thru it so that I can send them an email and tell them
    >> to stop it and to sort their shit out
    >>
    >> Funnily enough the guilty IP - 222.152.16.203 is an xtra jetstream IP
    >> address, so obviously there blanket blocking of port 25 is doing sweet
    >> **** all as to stopping spam and viruses...

    >
    > I don't think you are approaching this the right way. You cannot
    > establisgh the sender of an email from the IP address it [CLAIMS] to
    > have come from.


    You can trust "Received:" lines, provided they come from a trusted source,
    e.g. your ISP's own servers. The last "Received:" line inserted by your ISP
    will give a good indication of where the message came from.

    It would be worth while for Richard to post the complete headers of an
    example message, to illustrate this point.
     
    Lawrence D'Oliveiro, Oct 28, 2006
    #3
  4. Richard

    Rob Guest

    Lawrence D'Oliveiro wrote:
    > In message <>, NR wrote:
    >
    >> Richard wrote:
    >>> been several viruses emailed to me from a certain IP address - I want to
    >>> search all messages in my imap folder for the address to see what real
    >>> emails have come thru it so that I can send them an email and tell them
    >>> to stop it and to sort their shit out
    >>>
    >>> Funnily enough the guilty IP - 222.152.16.203 is an xtra jetstream IP
    >>> address, so obviously there blanket blocking of port 25 is doing sweet
    >>> **** all as to stopping spam and viruses...

    >> I don't think you are approaching this the right way. You cannot
    >> establisgh the sender of an email from the IP address it [CLAIMS] to
    >> have come from.

    >
    > You can trust "Received:" lines, provided they come from a trusted source,
    > e.g. your ISP's own servers. The last "Received:" line inserted by your ISP
    > will give a good indication of where the message came from.
    >
    > It would be worth while for Richard to post the complete headers of an
    > example message, to illustrate this point.


    Quite probably the ip address quoted is infected with the same virus and
    is sending without the user being aware of it. It would be politic to
    let them know their machine has been compromised and urge them to
    disinfect it.

    --
    Rob


    A computer lets you make more mistakes faster than any invention in
    human history - with the possible exceptions of handguns and tequila.
    (Mitch Radcliffe)
     
    Rob, Oct 28, 2006
    #4
  5. In message <4542fbc7$>, Rob wrote:

    > Quite probably the ip address quoted is infected with the same virus and
    > is sending without the user being aware of it. It would be politic to
    > let them know their machine has been compromised and urge them to
    > disinfect it.


    Except there's a 99% chance it's a clueless Dimdows user who would have no
    idea what the hell you're talking about. Easier to just complain to their
    ISP and let them sort it out.
     
    Lawrence D'Oliveiro, Oct 28, 2006
    #5
  6. Richard

    Richard Guest

    NR wrote:

    >> Funnily enough the guilty IP - 222.152.16.203 is an xtra jetstream IP
    >> address, so obviously there blanket blocking of port 25 is doing sweet
    >> **** all as to stopping spam and viruses...

    >
    > I don't think you are approaching this the right way. You cannot
    > establisgh the sender of an email from the IP address it CLIAIMS to
    > have come from.
    >


    Yes I can when it my MX reporting where the connection came from, there
    were about 3 more lines of forged crap after that one.
     
    Richard, Oct 29, 2006
    #6
  7. Richard

    Richard Guest

    Lawrence D'Oliveiro wrote:
    > In message <4542fbc7$>, Rob wrote:
    >
    >> Quite probably the ip address quoted is infected with the same virus and
    >> is sending without the user being aware of it. It would be politic to
    >> let them know their machine has been compromised and urge them to
    >> disinfect it.

    >
    > Except there's a 99% chance it's a clueless Dimdows user who would have no
    > idea what the hell you're talking about. Easier to just complain to their
    > ISP and let them sort it out.


    Yeah, but if I can identify who it is from other emails from them, I can
    send them an email telling them to remove my address from their
    addressbook as they no longer require it since the trade (its my trademe
    address) is now complete.
     
    Richard, Oct 29, 2006
    #7
  8. In message <45449d69$>, Richard wrote:

    > Lawrence D'Oliveiro wrote:
    >> In message <4542fbc7$>, Rob wrote:
    >>
    >>> Quite probably the ip address quoted is infected with the same virus and
    >>> is sending without the user being aware of it. It would be politic to
    >>> let them know their machine has been compromised and urge them to
    >>> disinfect it.

    >>
    >> Except there's a 99% chance it's a clueless Dimdows user who would have
    >> no idea what the hell you're talking about. Easier to just complain to
    >> their ISP and let them sort it out.

    >
    > Yeah, but if I can identify who it is from other emails from them...


    Which seems unlikely. "Received:" lines don't specify any sending e-mail
    address, and "From:" lines are almost certainly going to be forged.
     
    Lawrence D'Oliveiro, Oct 29, 2006
    #8
  9. Richard

    Richard Guest

    Lawrence D'Oliveiro wrote:

    >> Yeah, but if I can identify who it is from other emails from them...

    >
    > Which seems unlikely. "Received:" lines don't specify any sending e-mail
    > address, and "From:" lines are almost certainly going to be forged.


    But other emails from the same IP would help, which is why I wanted to
    search the headers for that same IP, but it seems outlook doesnt let me.
    I am thinking about trying seamonkey and see if it fares any better, but
    I am not liking the idea of downloading all the messagebodies again just
    to try it so am hoping someone else can give a yes or no on any other
    mail programs since there are a few 100 meg in that imap account.
     
    Richard, Oct 29, 2006
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Simon Badway

    IMAP & HTTP functionality via outlook for email

    Simon Badway, Nov 29, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    475
    anthonyberet
    Nov 30, 2003
  2. phrcf

    Netscape IMAP e-mail into Outlook?

    phrcf, Mar 4, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    544
    Dan Shea
    Mar 4, 2004
  3. Chad Edwards

    Searching headers in the google archives

    Chad Edwards, Aug 27, 2004, in forum: Computer Support
    Replies:
    6
    Views:
    572
    Shane Matthews
    Aug 27, 2004
  4. Julie P.

    How to configure Outlook Express for IMAP?

    Julie P., Jan 27, 2005, in forum: Computer Support
    Replies:
    2
    Views:
    1,965
    Sigel
    Jan 27, 2005
  5. Kong_1

    Outlook IMAP to AOL

    Kong_1, Jul 8, 2006, in forum: Computer Support
    Replies:
    1
    Views:
    504
    Dingus
    Jul 17, 2006
Loading...

Share This Page