 |
 |
How to Interpret E-Mail Headers
When should you report a computer violation to StopIt?
Full headers can provide information about who sent a message, from what service provider, and the path the message took to get to you. It is important to include the full headers (rather than just the default display header) with any e-mail message forwarded to the StopIT address (abuse@gmu.edu). The following illustrates the difference between the default display header and the full header.
- Default display header
Subject: Topic of Message is inserted here
Date: Wed, 02 Jul 2003 14:06:06 -0400
From: Someuser@domain.name
Reply-To: recipient@domain.name <recipient@domain.name>
To: recipient@domain.name - Full header
Return-path: <service@paypal.com>
Received: from mail01.gmu.edu (mail01 [129.174.0.111])
by mserver2.gmu.edu (iPlanet Messaging Server 5.2 Patch 1 (built Aug 19 2002))
with ESMTP id <0HGJ0029SSKOPB@mserver2.gmu.edu> for username@ims-ms-daemon
(ORCPT username@mail.gmu.edu); Sun, 15 Jun 2003 20:12:24 -0400 (EDT)
Received: from portal.gmu.edu (portalmemo.gmu.edu [129.174.0.118])
by mail01.gmu.edu (iPlanet Messaging Server 5.2 Patch 1 (built Aug 19 2002))
with ESMTP id <0HGJ00279SKNWP@mail01.gmu.edu> for username@mail.gmu.edu
(ORCPT username@mail.gmu.edu); Sun, 15 Jun 2003 20:12:23 -0400 (EDT)
Received: from mx-c.gmu.edu (mx-c.gmu.edu [129.174.0.121])
by portal.gmu.edu (8.8.8/8.8.8) with SMTP id UAA06931 for <username@gmu.edu>;
Sun, 15 Jun 2003 20:12:23 -0400 (EDT)
Received: from ool-44c283ec.dyn.optonline.net(68.194.131.236)
by mx-c.gmu.edu via csmap id 4939; Sun, 15 Jun 2003 20:09:53 -0400 (EDT)
Date: Sun, 15 Jun 2003 23:18:54 +0000
From: Service <service@paypal.com>
Subject: Paypal Security Measures
In-reply-to: <HI5C7EACB3EDLG22@gmu.edu>
To: Username <username@gmu.edu>
Message-id: <2501IJ266AGJKAHE@paypal.com>
MIME-version: 1.0
Content-type: text/html; charset=Windows-1251
Content-transfer-encoding: 7BIT
References: <HI5C7EACB3EDLG22@gmu.edu>