> Is there ANY way to trace back fake emails? Are there for example
> system files that record connections to SMTP, thus allowing to
> trace who used fakemail originating from a certain machine?
I think that your "normal" mail agent (elm, mail mailx) connects to
SMTP. If you want to fake a mail, it's a raw connection on SMTP port
number that you'd have to trace. That's hard to make the difference !
Quote:> Is there a way to find out which machine was used to send
> the fakemail? etc.....
When I receive a faked mail,
- I save it
- I watch out for the original machine that has posted the mail
( it appears on thae header )
- eventually, I compare the sender name with the result of a "last"
command grepped with the name if it is a local mail (which is often the
case in this matter ...).
Perhaps a script would prove useful to automate such a sequencial process.
hope this helps.
__________________________ `o O'
\ \ Ader239, ENAC, 7 av E.Belin, 31055 TOULOUSE (FRANCE)\
\ \ you can find me at #62175852 ... if you're lucky \