You might also consider reading Brother, Can You Spare 420 Billion Dimes? [Seeking Alpha] or Land at Williams Lake - Then and Now.
Oh widely traveled email
The path an email takes from sent to received is an interesting one. For instance, I am on a mailing list from the USDA where I get crop and livestock report updates for Indiana. The email comes to my work address and is then automatically forwarded on to my home address. Along the way it is forwarded, checked for viri, determined to be (or not to be) spam, and who knows what else. Below are the headers, a part of the email most people never look at.
Return-Path: <owner-usda-in-all-reports@newsbox.usda.gov>
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on vanadium.sabren.com
X-Spam-Level:
X-Spam-Status: No, score=-2.5 required=2.5 tests=AWL,BAYES_00,HTML_50_60,
HTML_MESSAGE,SPF_HELO_PASS,UNPARSEABLE_RELAY autolearn=ham
version=3.1.7
Received: from mail.icn.net (mail.icn.net [209.170.189.24])
by vanadium.sabren.com (8.12.11.20060308/8.12.11) with ESMTP id m2IFbwVi010171
for <xxxxxxx@348north.com>; Tue, 18 Mar 2008 11:37:59 -0400
In reading these things the top represents the last stop, so to speak. The Return-Path is that email address they’d like me to reply to. These things can be forged really easily, so don’t always assume this where the email originated from. I’ve xxx’d out my email address above — I don’t need to invite more spam! As you can see, SpamAssassin on vanadium.sabren.com (the name of the shared server which houses 348north.com) looked at the email and decided it was not spam. On my email client I look at the X-Spam-Level line and automatically place the email in my Junk E-mail folder if it has 2 *’s or more. icn.net is the company who hosts schraderauction.com, so you can see that they have forwarded my work email on.
Received: from mailproxy1.usda.gov ([199.128.3.41])
by mail.icn.net (SiteVision Mail Server v6.5.9) with ESMTP id YSD96651
for <xxxxx@SCHRADERAUCTION.COM>; Tue, 18 Mar 2008 11:37:51 -0400
icn.net received the email from one of the usda.gov’s email proxies. But look how many internal mail servers it went through before it broke out onto the Internet:
Received: from (unknown [199.128.3.41]) by DA32USDCDC1_AVS01.usda.gov with smtp
id 4d4a_438ec278_f501_11dc_9a6d_001143d36630;
Tue, 18 Mar 2008 15:37:49 +0000
Received: from [151.121.3.99] by mailproxy1.usda.gov with ESMTP (USDA
Proxy SMTP Relay (Email Firewall v6.3.2)); Tue, 18 Mar 2008 11:37:32
-0400
X-Server-Uuid: 69A04D6A-20E6-4C10-BD7D-EC8245529F2C
Received: from (unknown [151.121.3.99]) by DA00USDCIGW_AVS04.usda.gov
with smtp id 1e77_3968c460_f501_11dc_8711_001143e386b0; Tue, 18 Mar
2008 15:37:32 +0000
Received: from newsbox (newsbox.usda.gov [151.121.3.99]) by
newsbox.usda.gov (8.12.9+Sun/8.12.2) with ESMTP id m2IE7mo2006068; Tue,
18 Mar 2008 11:31:44 -0500 (EST)
Received: from NEWSBOX.USDA.GOV by NEWSBOX.USDA.GOV (LISTSERV-TCP/IP
release 1.8e) with spool id 145583 for
USDA-IN-ALL-REPORTS@NEWSBOX.USDA.GOV; Tue, 18 Mar 2008 11:31:43 -0500
Received: from mailproxy1.usda.gov (mailproxy1.usda.gov [199.128.3.42])
by newsbox.usda.gov (8.12.9+Sun/8.12.2) with ESMTP id m2IGLgQ6024254;
Tue, 18 Mar 2008 11:21:42 -0500 (EST)
Received: from (unknown [199.128.3.42]) by DA32USDCDC1_AVS01.usda.gov
with smtp id 40c1_d1cb8280_f4ff_11dc_a9d4_001143d36630; Tue, 18 Mar
2008 15:27:29 +0000
Received: from [199.129.247.139] by mailproxy1.usda.gov with ESMTP (USDA
Proxy SMTP Relay (Email Firewall v6.3.2)); Tue, 18 Mar 2008 11:27:14
-0400
X-Server-Uuid: CCDF5D6D-88F5-46FB-B66A-3B7C9451CEBA
I count 8 queues internally, some of which may be on the same server.
MIME-Version: 1.0
Sensitivity:
X-Mailer: Lotus Notes Release 6.5.4 March 27, 2005
X-MIMETrack: S/MIME Sign by Notes Client on Susan Reynolds/NASS(Release
6.5.4|March 27, 2005) at 03/18/2008 11:25:43 AM, Serialize by Notes
Client on Susan Reynolds/NASS(Release 6.5.4|March 27, 2005) at
03/18/2008 11:25:43 AM, Serialize complete at 03/18/2008 11:25:43 AM,
S/MIME Sign failed at 03/18/2008 11:25:43 AM: The cryptographic key was
not found, Serialize by Router on NASSMAIL/NASS at 03/18/2008 11:28:29
Finally I see who actually drafted this email. Someone named Susan Reynolds with the U.S. Department of Agriculture’s National Agricultural Statistics Service. That fits.
X-TMWD-Spam-Summary: TS=20080318152715; ID=1; SEV=2.3.1;
DFV=B2008031813; IFV=NA; AIF=B2008031813; RPD=5.03.0010; ENG=NA;
RPDID=7374723D303030312E30413039303230422E34374446444635312E303134443A534346535441543933313835392C73733D312C6667733D30;
CAT=NONE; CON=NONE; SIG=AAABALsjAAAAAAAAAAAAAAAAAAAAAH0=
X-WSS-ID: 6BC100C428S21887602-12-01
Message-ID:
Date: Tue, 18 Mar 2008 11:27:29 -0400
Reply-to: in-releases@NASS.USDA.GOV
Sender: usda-in-crop-weather@newsbox.usda.gov
From: "IN SSO"
Comments: To: usda-in-crops-livestock@newsbox.usda.gov
To: USDA-IN-ALL-REPORTS@newsbox.usda.gov
Precedence: list
X-TMWD-Spam-Summary: TS=20080318153733; ID=2; SEV=2.3.1;
DFV=B2008031813; IFV=NA; AIF=B2008031813; RPD=5.03.0010; ENG=NA;
RPDID=7374723D303030312E30413039303230332E34374446453142432E303145333A53434653544154313130323135332C73733D312C6667733D30;
CAT=NONE; CON=NONE; SIG=AAABALsjAAAAAAAAAAAAAAAAAAAAAH0=
X-WSS-ID: 6BC13E3133G23953218-01-01
Content-Type: multipart/mixed;
boundary="=_mixed 0054C0C085257410_="
It looks like usda.gov has some sort of internal spam filter. I guess this email passed inspection.
X-EmailAbuse: Contact support@icn.net if you believe this message is spam. We have a strict no-spam policy and welcome your feedback.
X-virus: This message has been scanned for viruses by ICN.NET
Subject: *** Spam *** usda-in-crops-livestock, usda-in-all-reports
And finally it would appear that icn.net (the host for schraderauction.com) thought that this looked enough like spam to mark it as such in the Subject line. If I wanted to, I could set up another Rule on my client to send all emails with *** Spam *** in the Subject to the trash, but so far icn.net’s spam filtering hasn’t quite been up to par.
And there you go — all the info fit to print in those internet headers.
written by Kevin in web stuff