homepage Welcome to WebmasterWorld Guest from 54.227.12.4
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Security - mx server and job scams
oneill33




msg:4273294
 11:07 am on Feb 27, 2011 (gmt 0)

I'd like to find out if an email is a scam or not by looking at the email header and compare to look up MX information of the original domain, who the sender claims to be.
What information can be used to investigate, other than what I mention here ?

In the last email that I received about a job offer, the original header shows the email was send by a different mail smtp server than the domain name. I looked up on the MX server of the domain who claims to offer employment and it shows a different MX entry than what's in the email header. Its hard to know if the sender is authentic or not ?, but the offer is not suspicious.


( case study: For example, a little while ago I received another email from a different company, British American Tobacco, and it was one of those offers too good to be true and after some mail exchanges the other person did not respond anymore. Important is to never reveal the most important details about yourself in such a case, an advice for everyone!
When I checked original header of that mail it looked to originate from messagelabs.com, and I also looked up MX records and the company who also uses messagelabs.com for its mail server, but message labs customer care does only respond to clients so I could not investigate authenticity. Also on the contact page of BAC is a warning about scammers using their domain name, but its hard to guess if both entities use a paid mail service )

 

lammert




msg:4273301
 11:52 am on Feb 27, 2011 (gmt 0)

FWIW, all emails which I send are originating from another server--even on another continent--than the server specified in the MX record for those domains. Many other domains have such a setup where emails are sent via a local SMTP server but received on a central server. You should therefore look at other authenticity signals than the MX record.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved