On Mon, 22 Dec 2003, Leonard den Ottolander wrote: > Hello Chris, > > > Just by cleaning out the original text and addresses and > > everything that is seen is not the way to do it. Also, do you > > mean that there are still hidden headers in the original > > message that are retained and direct the message? and that's > > how and why it's considered hijack(ed)?!? > > Indeed. In particular the In-Reply-To: header which is used to > sort mails by thread. Most mailers have a 'show headers' option in the viewer. I have attached some of the header lines from the previous message for inspection. You can see the "In-Reply-To:" header. It is possible to build a linked list of messages (a thread) from the information in the header lines: Message-ID: <3FE737FD.9984.1344B1@localhost> References: <3FE4F91A.5040009@xxxxxxxxx> In-reply-to: <1072111250.2118.13.camel@redhat90> Look at the header lines in my reply, compare and contrast. Some threading tools can show multiple threads if there are multiple replies to a single message. Some threading tools simply watch the Subject and or the Date lines. Some mail and news readers can kill a thread or flag your interest in a thread. Anyhow if you want to start a clean "new thread" compose a new message, not a reply to an existing one. I do not know of a tool that lets you kill the "In-Reply-To:" header. Does anyone? === snip old headers === Received: from hnexfe08.hetnet.nl (hnexfe08.hetnet.nl [195.121.6.174]) by mx1.redhat.com (8.11.6/8.11.6) with SMTP id hBMHTNA28861 for <fedora-list@xxxxxxxxxx>; Mon, 22 Dec 2003 12:29:23 -0500 Received: from localhost ([62.166.41.135]) by hnexfe08.hetnet.nl with Microsoft SMTPSVC(5. 0.2195.5329); Mon, 22 Dec 2003 18:29:17 +0100 F From: "Leonard den Ottolander" <leonardjo@xxxxxxxxx> To: fedora-list@xxxxxxxxxx MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: Hijacking (was PERL or PYTHON?) Message-ID: <3FE737FD.9984.1344B1@localhost> Priority: normal References: <3FE4F91A.5040009@xxxxxxxxx> In-reply-to: <1072111250.2118.13.camel@redhat90> X-mailer: Pegasus Mail for Win32 (v3.12c) X-OriginalArrivalTime: 22 Dec 2003 17:29:17.0657 (UTC) FILETIME=[20809490:01C3C8B1] X-loop: fedora-list@xxxxxxxxxx Sender: fedora-list-admin@xxxxxxxxxx Errors-To: fedora-list-admin@xxxxxxxxxx X-BeenThere: fedora-list@xxxxxxxxxx X-Mailman-Version: 2.0.13 Precedence: junk Reply-To: fedora-list@xxxxxxxxxx List-Help: <mailto:fedora-list-request@xxxxxxxxxx?subject=help> List-Post: <mailto:fedora-list@xxxxxxxxxx> List-Subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, === end snip old headers === It is good to get in the habit of looking at headers. Spam and other mail badness can be deduced from headers (including MIME headers). Some headers can be used to discover if the message was 'strange'. If you suspect a bad message isolate the message for a couple days so the virus detector guys can catch up. Looking at the "Received: from" lines and other mail meta data is often telling. Nifty HTML mail can contain lines that fetch one pixel encoded images that will verify that you 'saw' the message. For spammers this is gold and is only part of the reason that most unix guys HATE html. Save a spam message and inspect it with a pure text tool like less, more, pg, view... to see what I mean. Look for lines like: http://us.click.bohoo.com/CODE/NOCLICKME/NOTHANKS/FLATWRONG/FU17417k55j5 If you have looked at such a message there may be little additional harm in looking at the individual lines again one at a time in your browser. You can then see see how the message was concocted and sniff out what it is doing. After looking at a couple bad-guy messages you will begin to hate HTML too. I wonder if my HTML comment and subject line changes screwed up this thread. The HJ word in the original subject line may have already made it impossible for us to board a travel conveyance this holiday. I would like to avoid that.... Look into elm, pine, Mail, mail, and other pure text mail tools. Some co-exist with GUI tools, some GUI tools co-exist with text tools. You can test setups and interactions with a dummy user on your machine. Regards, TomM PS: N.B. (note well) the list management lines. The List-Help line is especially helpful. -- T o m M i t c h e l l mitch48 -a*t- yahoo-dot-com
