反查確認是檢查那一段

iiimmmao · 小霸王 註冊時間: 2003-09-15 文章: 260 來自: 中華民國

請問一下

反查確認是檢查那一段

例如我開檢查等級 B 是檢查藍色部份嗎?

gailleton-1-82-67-6-76.fbx.proxad.net (82.67.6.76)

Pinging proxad.net [212.27.32.2]
_________________
Power By RaidenMaild

(RaidenMaild 的愛用者)

Arnor · 發表於: 星期三十一月 17, 2004 5:32 pm 文章標題:

反查的重點是看
他所宣稱的 email address 為什麼網域.

像你之前貼的文章中的廣告信, 它的 mail address 假冒為 xxx@msa.hinet.net
我的解析方式是把 msa.hinet.net 的網域做一番解析,找出所有相關的記錄,
列出所有的 IP.

> set q=all
> msa.hinet.net
Server: dns.hinet.net
Address: 168.95.1.1

msa.hinet.net MX preference = 0, mail exchanger = msa-mx1.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx2.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx3.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx4.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx5.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx6.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx7.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx8.hinet.net
msa.hinet.net MX preference = 0, mail exchanger = msa-mx9.hinet.net
msa.hinet.net internet address = 168.95.4.211
hinet.net nameserver = hntp1.hinet.net
hinet.net nameserver = hntp3.hinet.net
hinet.net nameserver = dns.hinet.net
msa-mx1.hinet.net internet address = 168.95.5.101
msa-mx1.hinet.net internet address = 168.95.5.102
msa-mx1.hinet.net internet address = 168.95.5.103
msa-mx1.hinet.net internet address = 168.95.5.104
msa-mx1.hinet.net internet address = 168.95.5.105
msa-mx1.hinet.net internet address = 168.95.5.106
msa-mx1.hinet.net internet address = 168.95.5.107
hntp1.hinet.net internet address = 168.95.192.1
hntp3.hinet.net internet address = 168.95.192.2
dns.hinet.net internet address = 168.95.1.1
>

該連過來的 IP 再對上述一長串 IP 做CLASS 的比對.

因為它宣稱是 msa.hinet.net 嘛, 那我就看他的 IP 範圍是否是該網域在網路上所設定的那樣, 因為一個正常的信, 宣稱來源是哪個網域, 就應該要是從該網域負責信件的 mx 記錄的機器來寄信才是正確.
_________________
*若是想問問題的話, 請務必不要塗改任何 IP, 網域資料, 您若不願貼上IP或網域, 請改以電子郵件來詢問. 謝謝您的配合.*
*若是回報疑似軟體的運行或邏輯或資料處理有誤的問題, 小弟很樂意去了解您的情況, 但請務必以最新版來做回報, 如果以郵件詢問, 請參考 http://www.raidenmaild.com/tw/feedback.html 的說明, 最好標題加個 RaidenMAILD 字樣, 才不致會遺漏了您的信唷. 謝謝您的配合^^*
*在版上發文請遵守網路禮儀, 並請持著虛心敘述問題請教他人, 凡發現違反的文, 均一律刪除為優先, 不另行通知喔.
*與使用者教學相長腦力激盪是我輩成就感的來源, 誠心希望您能不吝指教.
*雷電MAILD 知識庫文件 http://www.raidenmaild.com/tw/kb/

素還尊
Team John Long.
Email: arnor@raidenmaild.com
公司網站 http://www.raidenmaild.com/company/

iiimmmao · 發表於: 星期五十一月 19, 2004 9:21 am 文章標題:

那此封信, 也是進的來???

Pinging 61-31-159-111.dynamic.tfn.net.tw [61.31.159.111]

2004/11/19:04:51:02 SMTP 61.31.159.111 HELO xxxx.club.tw
2004/11/19:04:51:02 SMTP 61.31.159.111 HELO xxxx.club.tw
2004/11/19:04:51:02 SMTP 61.31.159.111 MAIL FROM:<doyoulike3344@yahoo.com.tw>
2004/11/19:04:51:02 SMTP 61.31.159.111 MAIL FROM:<likeyou165@yahoo.com.tw>
2004/11/19:04:51:03 SMTP 61.31.159.111 RCPT TO:<admin@xxxx.club.tw>
2004/11/19:04:51:03 SMTP 61.31.159.111 RCPT TO:<tcc@xxxx.club.tw>
2004/11/19:04:51:03 SMTP 61.31.159.111 RCPT TO:<daiwong@xxxx.club.tw>
2004/11/19:04:51:03 SMTP 61.31.159.111 DATA
2004/11/19:04:51:03 SMTP 61.31.159.111 RCPT TO:<dsaasd@xxxx.club.tw>
2004/11/19:04:51:03 SMTP 61.31.159.111 RCPT TO:<ad@xxxx.club.tw>
2004/11/19:04:51:04 SMTP 61.31.159.111 RCPT TO:<gaga0416@xxxx.club.tw>
2004/11/19:04:51:04 SMTP 61.31.159.111 DATA
2004/11/19:04:51:05 SMTP 61.31.159.111 QUIT
2004/11/19:04:51:07 SMTP 61.31.159.111 QUIT

廣告信:

Received: from xxxx.club.tw([61.31.159.111]) by RaidenMAILD([61.59.56.xx]); Fri, 19 Nov 2004 04:51:07 +0800
From: =?Big5?B?obSleMZRuvGwZ7auuvS49Lv5N6fpKKtPw9KkvaVxs2YpobQ=?=
<doyoulike3368@yahoo.com.tw>
Subject:
=?Big5?B?obSt7Lx0rNuuZb6lpPSnWC660q+7p1ikdbx0u/kupf6s2aZ2sHS2UrROsGUtobQ=?=
Content-Type: text/html
Date: Thu, 18 Nov 2004 22:28:20 +0800
X-Priority: 3