General discussion

Locked

View SMTP commands of incoming spam

By nosrednaanit ·
Does anyone know of a utility that will allow me to view the SMTP commands of a spammed e:mail? We are curious as to which of our "public" e:mail addresses are being spammed. For example, a spam to the "sales@xyz.com" will go to many people, and most spam is BCC'd to that address. When you do a 'view options' in Outlook, you see the email header - but those are not the actual SMTP commands used to address the email when the external program is talking to an email server. I want to know if those commands can be recorded as a part of the header (or something). TIA

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

View SMTP commands of incoming spam

by Henington In reply to View SMTP commands of inc ...

SMTP is relatively simple, hence the name SIMPLE mail Transfer protocol. There are only like 10 commands or so.

HELLO
MAIL
RCPT
DATA
RSET
SEND
SOML
SAML
VRFY.. Ectera. You can view the RFC on SMTP at the following site,

http://www.marlant.hlfx.dnd.ca/Connected/RFC/821/15.html

Or do a search for RFC, SMTP.

If you are having problems with spam to a public distribution list eg: sales@yz.com open exchange administrator, go to the SALES distribution list, right click go into properties and under the RESTRICTION tab there will be the option to Accept Mail From: List, or Everyone. Check the LIST button and list the accounts you want to have access to that distribution list.

Good Luck

Collapse -

View SMTP commands of incoming spam

by nosrednaanit In reply to View SMTP commands of inc ...

Thanks for the info, but that's not quite what I need. I want to view the actual SMTP command string in the header of a spammed e:mail to find out which distribution list the message was sent to. Many of us here are members of multiple groups, so it's impossible to tell which group it is by who receives it. I want to see the actual SMTP command string that shows who it was sent to. Does that make my question clearer? Thx.

Collapse -

View SMTP commands of incoming spam

by Henington In reply to View SMTP commands of inc ...

What email viewing program are you using? With Outlook 2000 you can save your message as a text file and view who the email is being sent to.

Collapse -

View SMTP commands of incoming spam

by nosrednaanit In reply to View SMTP commands of inc ...

I am using Outlook 2000, but this doesn't work if the spammer is particularly devious.

Collapse -

View SMTP commands of incoming spam

by cscript In reply to View SMTP commands of inc ...

If you are using an unix sendmail gateway. It will be VERY easy. Just turn logging in the sendmail.cf file up to 9 or so and look at your syslog or maillog (depending on what you wanted to call it)

If you are using an IMS only <sigh- when will they ever learn> it is much more difficult. You can try tracking the message using the admin tool on the IMS that it came in on.

I am sending you my number via your email address. Spammers are my specialty ;-)
I am the gateway admin for my company. We handle about 250,000 incoming emails a day.
MORE than half is spam :-(

Collapse -

View SMTP commands of incoming spam

by nosrednaanit In reply to View SMTP commands of inc ...

The question was auto-closed by TechRepublic

Collapse -

View SMTP commands of incoming spam

by estebandelatorre In reply to View SMTP commands of inc ...

usually a spam mail is being delivered not from an email host.
This means that you connect to a relying host first, and then discharge a malformed message, Since his smtp hardware does not hold that domains, if followed the info to the destination domain.
This tricky allows spamers to hide it's senders address, and that's why there's a lot of info on how to disable relay agent functions into your email servers.

Collapse -

View SMTP commands of incoming spam

by nosrednaanit In reply to View SMTP commands of inc ...

The question was auto-closed by TechRepublic

Collapse -

View SMTP commands of incoming spam

by nosrednaanit In reply to View SMTP commands of inc ...

This question was auto closed due to inactivity

Back to Software Forum
9 total posts (Page 1 of 1)  

Related Discussions

Related Forums