[dba-VB] [AccessD] OT - Detecting Name/Address of SMTP server

Stuart McLachlan stuart at lexacorp.com.pg
Wed Jul 9 18:52:05 CDT 2003


On 9 Jul 2003 at 15:40, paul.hartland at fsmail.net wrote:

> To all,
> 
> I'm working on a project for my own use, and need to know if there's a
> way to automatically detect the name/address of the SMTp server that
> the person sends email through. 
> 
> Paul 

In general, you just need to parse out the last (in sequence, first 
in time) Time Stamp Line(s)  in the message headers.

See RFC 821. Sect 4.1.2 for specifications of this line.

Your message tells me:

Received: from fep04-svc.ttys.com (mx-out.ttys.com [80.239.199.130])
	by databaseadvisors.com (8.11.6/8.11.6) with ESMTP id h69FenQ02022;
	Wed, 9 Jul 2003 10:40:49 -0500
Received: from localhost ([127.0.0.1]) by fep04-svc.ttys.com
          (InterMail vM.5.01.03.13 201-253-122-118-113-20010918) with 
	SMTP id <20030709154050.OBHR1637.fep04-svc.ttys.com at localhost>;

So your SMTP Server appears to be 80.239.199.130 and it's called both 
fep04-svc.ttys.com (it's internal name) or mx_out.ttys.com (it's 
Canonical name which you get when you do a nslookup on  
80.239.199.130). 
It also tells me what mail server software ttys.com is using.

Note:
If you are trying to use it to track spam though, that won't work for 
very often since they generally forge some of the headers.







-- 
Lexacorp Ltd
http://www.lexacorp.com.pg
Information Technology Consultancy, Software Development,System 
Support.





More information about the AccessD mailing list