Return-Path: Received: from post.thorcom.com (post.thorcom.com [195.171.43.25]) by mtain-me04.r1000.mx.aol.com (Internet Inbound) with ESMTP id 8CE133800009C; Sun, 8 Jan 2012 10:45:35 -0500 (EST) Received: from majordom by post.thorcom.com with local (Exim 4.14) id 1Rjuuu-0007k6-5I for rs_out_1@blacksheep.org; Sun, 08 Jan 2012 15:44:16 +0000 Received: from [195.171.43.32] (helo=relay1.thorcom.net) by post.thorcom.com with esmtp (Exim 4.14) id 1Rjuut-0007jx-2r for rsgb_lf_group@blacksheep.org; Sun, 08 Jan 2012 15:44:15 +0000 Received: from cmsout02.mbox.net ([165.212.64.32]) by relay1.thorcom.net with esmtp (Exim 4.63) (envelope-from ) id 1Rjuus-0005S6-6i for rsgb_lf_group@blacksheep.org; Sun, 08 Jan 2012 15:44:15 +0000 Received: from cmsout02.mbox.net (co02-lo [127.0.0.1]) by cmsout02.mbox.net (Postfix) with ESMTP id 7312F1340D5 for ; Sun, 8 Jan 2012 15:44:06 +0000 (GMT) X-USANET-Received: from cmsout02.mbox.net [127.0.0.1] by cmsout02.mbox.net via mtad (C8.MAIN.3.72B) with ESMTP id 398qaHPSD9056M02; Sun, 08 Jan 2012 15:44:03 -0000 X-USANET-Routed: 3 gwsout-vs Q:bmvirus Received: from cmsapps03.cms.usa.net [165.212.11.132] by cmsout02.mbox.net via smtad (C8.MAIN.3.72B) with ESMTP id XID420qaHPSD9250X02; Sun, 08 Jan 2012 15:44:03 -0000 X-USANET-Source: 165.212.11.132 IN dibene@usa.net cmsapps03.cms.usa.net X-USANET-MsgId: XID420qaHPSD9250X02 Received: from [127.0.0.1] [151.55.12.26] by cmsapps03.cms.usa.net (ESMTPSA/dibene@usa.net) via mtad (C8.MAIN.3.72B) with ESMTPSA id 233qaHPSc3072M39; Sun, 08 Jan 2012 15:44:02 -0000 X-USANET-Auth: 151.55.12.26 AUTH dibene@usa.net [127.0.0.1] Message-ID: <4F09B9C0.1010402@usa.net> Date: Sun, 08 Jan 2012 16:44:00 +0100 From: Alberto di Bene User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 MIME-Version: 1.0 To: rsgb_lf_group@blacksheep.org References: In-Reply-To: X-Enigmail-Version: 1.3.4 X-Antivirus: avast! (VPS 120108-0, 01/08/2012), Outbound message X-Antivirus-Status: Clean Z-USANET-MsgId: XID233qaHPSD3072X39 X-Spam-Score: 1.4 (+) X-Spam-Report: autolearn=disabled,HTML_MESSAGE=0.001,RATWARE_GECKO_BUILD=1.426 Subject: Re: LF: G4WGT Content-Type: multipart/alternative; boundary="------------090304080405060304010308" X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on post.thorcom.com X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=HTML_MESSAGE autolearn=no version=2.63 X-SA-Exim-Scanned: Yes Sender: owner-rsgb_lf_group@blacksheep.org Precedence: bulk Reply-To: rsgb_lf_group@blacksheep.org X-Listname: rsgb_lf_group X-SA-Exim-Rcpt-To: rs_out_1@blacksheep.org X-SA-Exim-Scanned: No; SAEximRunCond expanded to false x-aol-global-disposition: G X-AOL-SCOLL-SCORE: 0:2:420425248:93952408 X-AOL-SCOLL-URL_COUNT: 0 x-aol-sid: 3039ac1d608c4f09ba1f1456 X-AOL-IP: 195.171.43.25 X-AOL-SPF: domain : blacksheep.org SPF : none This is a multi-part message in MIME format. --------------090304080405060304010308 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit On 1/8/2012 2:23 PM, James Moritz wrote: > For your information - I seem to be receiving suspicious-looking e-mails > claiming to be from G4WGT, containing even more suspicious-looking links to > videos. But the sender's address is a Hotmail one, not Tiscali as normal. It happened to me too... I received claims by persons that knew who I2PHD is, saying that they received emails from i2phd@weaksignals.com (one of my email addresses) containing spam... of course not originated by me.... The problem is that it is too easy to forge the sender field of an email message... you don't even need to know what the password of the account is.... you just use a so-called open SMTP server, one that do not require authentication (and there are some, especially in the Eastern part of the world), and a simple PHP script, where you can put anything to your likes in the From: field. Using this technique, you can even send a message to a closed Yahoo group, pretending to be one of its members, and apparently it works... until the much discussed reverse authentication will be actually implemented, this is an inevitable risk exposure of the Internet world... 73 Alberto I2PHD --------------090304080405060304010308 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 1/8/2012 2:23 PM, James Moritz wrote: 
For your information - I seem to be receiving suspic=
ious-looking e-mails=20
claiming to be from G4WGT, containing even more suspicious-looking links =
to=20
videos. But the sender's address is a Hotmail one, not Tiscali as normal.=
It happened to me too...=A0 I received claims b= y persons that knew who I2PHD is, saying
that they received emails from=A0 i2phd@weaksignals.com=A0 (= one of my email addresses)
containing spam...=A0 of course not originated by me....

The problem is that it is too easy to forge the sender field of an email message...
you don't even need to know what the password of the account is....=A0 you just use
a so-called open SMTP server, one that do not require authentication (and there are
some, especially in the Eastern part of the world), and a simple PHP script, where
you can put anything to your likes in the From:=A0 field.=A0=A0 Usi= ng this technique, you can
even send a message to a closed Yahoo group, pretending to be one of its members,
and apparently it works...=A0 until the much discussed reverse authentication will be
actually implemented, this is an inevitable risk exposure of the Internet world...

73=A0 Alberto=A0 I2PHD
=A0
 --------------090304080405060304010308--