Anyone one here good with Outlook 2000? (internet headers)

OT: anything goes!

Moderator: Edi

Post Reply
User avatar
TrailerParkJawa
Sith Acolyte
Posts: 5850
Joined: 2002-07-04 11:49pm
Location: San Jose, California

Anyone one here good with Outlook 2000? (internet headers)

Post by TrailerParkJawa »

Have you noticed that the internet header messages in Outlook 2000 are pretty sparse compared to other email clients. ( Outlook Express, Opera, Netscape, etc. )

I sent an email from my yahoo account to verify this. OE shows much more info than Outlook 2000.

Does anyone know why the internet headers in Outlook 2000 seem to be cropped down? Is there a way to fix it?

Without the full header it makes it harder to find the source of Spammers and someone sending a virus like Klez that can spoof the replyto address.
Azeron
Village Idiot
Posts: 863
Joined: 2002-07-07 09:12pm

Post by Azeron »

the reply to/x-sender fields on an email header are pretty easy thing to screw around with. The smtp protocol is really simple to work with.

As for spoofing, I don't think you really understand the concept just right. Spoofing is sa TCP or UDP transport level malformation of the packet to look like it came from somewhere else.

bascially when you send data via say tcp, the protocol wraps the data in a "shell" which contaions various informatiion for comunication.

1 of the fields is the current IP address of the sender, changing that low level field to another value is what spoofing is. Headers on smtp wrappers are way too huihg level to be considered spoofing becasue checking internet logs of the smtp server reveals the true address of the sender.

if you want to look at outlook 2k headers just use the header viewer in outlook 2k. the reason why it has fewer headers than say hotmail or yahoo web based mail is becasue its really not that useful to tell you the truth. Most of the added headers have to do with the reciever of the email than the sender. Thats not really relevent to an outlook2k user.

just look at x-sender: to find out who sent it to you.
The Biblical God is more evil than any Nazi who ever lived, and Satan is arguably the hero of the Bible. -- Darth Wong, Self Proffessed Biblical Scholar
User avatar
TrailerParkJawa
Sith Acolyte
Posts: 5850
Joined: 2002-07-04 11:49pm
Location: San Jose, California

Post by TrailerParkJawa »

By spoofing I meant the sender's address is forged or the email attempts to misdirect tracing back to the source. Probably was not the best choice of words.

The reason Im even looking at that headers is beause every now and then we get accused of sending the Klez virus. It's not us, virus has its own SMTP engine which can send out an email and make it look like it came from someone else besides the originator. We also get Spammed (who doesnt) and its just fun to see where its really coming from as opposed to where they try to make you think its coming from. Ive noticed loads of spam come from Russia.

I still dont understand why O2K shows a minimal amount of info on the the header compared to OE, Netscape, etc. It is just nice to have the info available.
Azeron
Village Idiot
Posts: 863
Joined: 2002-07-07 09:12pm

Post by Azeron »

You do have the option to show more info on the header, just open a message and find the "view source" option. The change the name a bit, and the location in every version, but you will find it in a bit.

If they give you trouble about any virus. point out that they are probably not qualified to make any determination about smtp mail, and shoukld recieve additiojnal m$ training.

If they give you further flack, just tell them to filter out attachments and viruses in commonly infected file types.
The Biblical God is more evil than any Nazi who ever lived, and Satan is arguably the hero of the Bible. -- Darth Wong, Self Proffessed Biblical Scholar
User avatar
TrailerParkJawa
Sith Acolyte
Posts: 5850
Joined: 2002-07-04 11:49pm
Location: San Jose, California

Post by TrailerParkJawa »

If they give you further flack, just tell them to filter out attachments and viruses in commonly infected file types
Its amazing how many companies allow .exe, .pif, .bat, .scr, etc to flow through the email servers.

Currently we have been intercepting 5-15 instances of the Klez virus everyday. Most of them seem to be orginating from home users.
Azeron
Village Idiot
Posts: 863
Joined: 2002-07-07 09:12pm

Post by Azeron »

you forgot .com and .whs

yah well, thats what happens when you hire M$ certified. Most of these people don't have a clue on what they are doing.
The Biblical God is more evil than any Nazi who ever lived, and Satan is arguably the hero of the Bible. -- Darth Wong, Self Proffessed Biblical Scholar
User avatar
TrailerParkJawa
Sith Acolyte
Posts: 5850
Joined: 2002-07-04 11:49pm
Location: San Jose, California

Post by TrailerParkJawa »

etc (excetera) is a nice way of covering all the possible extentions I could not think of at the moment. :-)

We are currently blocking about 30 extentions on our Exchange server. Its funny, the greatest threat to our network is not company email, but from someone using Outlook Express or Hotmail to download personal email.

We would like to remove OE and/or block access to personal emails but it would never happen because of politics. :-)

Thats okay, luckily we have a pretty good group of users.
Azeron
Village Idiot
Posts: 863
Joined: 2002-07-07 09:12pm

Post by Azeron »

Yah I can imagine that, though I wouldn't go as far as 30 extensions. I think 10 - 14 would be enough. I just go after the executables.

I wouldn;t be too worried about webmail, hotmail and I beleive Yahoo mail, both use virus scanning software before you can dl it. I have seen it in action, and it seems to work.

To tell you the truth, perhaps its becasue I am a facist, I wiouldn't let anyone i have nternet access if I was running a company. (except IT and marketing) I would rip out every piece of amusing softrware espeically solatire, and email would be subject to random inspection. (a large sample I assure you). 90% of all employees I have ever met, do not need internhet access. All they really need is word/excel/powerpoint/outlook a phone and remote access to a secure FTP site from home so they can work there too.

The internet is the greatest waste of time that has ever been inveneted, corporate intranets websites are nearly worthless, depsite all the potential a regular buliten board by the water cooler would be more cost effective. Hell I can only imagine the cost savings on network load if I implemented an ultrafacist IT policy.

Alas, ohh yah in case you are wondering, I speicalize in working with data transfrers, banks and such, turning IBM iron into wintel/lintel silicon, flat to relational.

BTW did the view source thing work for you?
The Biblical God is more evil than any Nazi who ever lived, and Satan is arguably the hero of the Bible. -- Darth Wong, Self Proffessed Biblical Scholar
Post Reply