January 20, 2006

Who sent that email?

Have you ever wanted to figure out where that funky piece of spam or other email originated? I've been doing this for a long time and I've explained it to a lot of people but I've never found a clear, annotated description of how to do it. Well, with a caveat, this page has a good introduction to how to trace it.

The caveat is this: it's easy to put fake headers on the email -- they will be propogated to the next mail server and carried throughout the sever chain. How is this done? By simply including them in the message! Why is this possible? Because Received headers are a part of the data stream passed from one mail server to the other. If someone is faking email, they can easily include fake Received headers.

Yes, Received headers can be fakes! But, and here's the good part, once the message starts its journey, subsequent entries on the Received chain are legit.

So, how do you account for that? By tracing from the top of the email -- start from your mail server (which you know you can trust). As you parse the header, determine for yourself if you can trust that machine's information. If so, try the next one. If not, the last one you parsed is really the first machine in the chain.

Posted by tony at 10:50 AM | Comments (1)

January 16, 2006

And then there's HDTVtoMPEG2

Another excellent tool, supported and discussed in AVSForum is HDTVtoMPEG2. Note that it's not really good anymore as a converter of transport streams (aka TS or .ts files) to MPEG2 but you can still use it to edit TS files.

Posted by tony at 11:26 AM | Comments (0)

Most excellent resource for Firewire recording to XP

See AVSForum for How to record via IEEE 1394 (Firewire) to Windows XP.

Posted by tony at 11:22 AM | Comments (0)