Email Tracing Examples Computer Forensics Email Tracing Examples

Microsoft Mail Internet Headers Version 2. 0 Received: from SEARCH Microsoft Mail Internet Headers Version 2.0 Received: from SEARCH.ORG ([64.162.18.2]) by sgisrv1.search.org with Microsoft SMTPSVC(5.0.2195.3779); Wed, 23 Oct 2002 10:53:19 –0700 Received: from hotmail.com ([216.33.240.88]) by SEARCH.ORG with ESMTP (IOA-IPAD 2.54) id 4171800; Wed, 23 Oct 2002 10:59:54 –0800 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 23 Oct 2002 10:53:19 –0700 X-Originating-IP: [64.162.18.159] From: "TC" boston17@hotmail.com To: jqs@search.org Subject: Kittens for sale Date: Wed, 23 Oct 2002 10:48:16 –0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000A_01C27A81.B1743CB0“ X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Message-ID: OE31FFsAitVGeSJIEoP00003f05@hotmail.com X-OriginalArrivalTime: 23 Oct 2002 17:53:19.0069 (UTC) FILETIME=[1216D8D0:01C27ABD] Return-Path: boston17@hotmail.com

From tschwarz@cse.ucsc.edu Fri Jan 16 15:51:11 2004 Return-Path: <tschwarz@cse.ucsc.edu> Received: from sundance.cse.ucsc.edu (sundance.cse.ucsc.edu [128.114.48.62]) by server4.engr.scu.edu (8.12.10/8.12.10) with SMTP id i0GNpA8K007608 for <tschwarz@engr.scu.edu>; Fri, 16 Jan 2004 15:51:10 -0800 Received: (from tschwarz@localhost) by sundance.cse.ucsc.edu (8.6.10/8.6.12) id PAA18463 for tschwarz@engr.scu.edu; Fri, 16 Jan 2004 15:51:10 -0800 Date: Fri, 16 Jan 2004 15:51:10 -0800 From: Thomas Schwarz <tschwarz@cse.ucsc.edu> Message-Id: <200401162351.PAA18463@sundance.cse.ucsc.edu> To: tschwarz@engr.scu.edu Subject: email X-Spam-Checker-Version: SpamAssassin 2.60-rc3 (1.202-2003-08-29-exp) on server4.engr.scu.edu X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=ham version=2.60-r c3 This is a test.

Return-Path: <rhn-bounce+2443612-3000675@rhn.redhat.com> Received: from rhn-mail.rdu.redhat.com (mail.rhn.redhat.com) [66.187.232.120] by mail.zionsvillepd.com (8.12.8/8.12.5) with ESMTP id h5J5iCjI022534 for <jmorris@zionsvillepd.com>; Thu, 19 Jun 2003 00:44:13 -0500 Received: from admin.rdu-colo.redhat.com (nat-pix.rdu-colo.redhat.com [10.255.17.200] by rhn_mail.rdu-colo.redhat.com (8.11.6/8.11.6) with ESMTP id h5J5amx01895 for <jmorris@zionsvillepd.com>; Thu, 19 Jun 2003 01:36:49 -0400 Received: from admin.rhu-colo.redhat.com (localhost.localdomain [127.0.0.1]) by admin.rdu-colo.redhat.com (8.11.6/8.11.6) with ESMTP id h5J5WW920293 for <jmorris@zionsvillepd.com>; Thu, 19 Jun 2003 01:32:32 -0400 Date: Thu, 19 Jun 2003 01:32:32 -0400 Message-Id: <200306190532.h5J5WW920293@admin.rdu-colo.redhat.com> Subject: RHN Errata Alert: Updated WindowMaker packages fix vulnerability in theme-loading Content-Type: TEXT/PLAIN; charset=US-ASCII X-RHN-Info: Autogenerated mail for ZPD X-RHN-Email: <jmorris@zionsvillepd.com> Precedence: first-class Errors-To: rhn-bounce+2443612-3000675@rhn.redhat.com From: Red Hat Network Alert <rhn-admin@rhn.redhat.com> To: ZPD <jmorris@zionsvillepd.com> X-RHN-Login: ZPD

From mixmaster@futureworlds.it Fri Jan 16 15:45:07 2004 Return-Path: <mixmaster@futureworlds.it> Received: from www.futureworlds.it (ip-081-104.customer.panservice.it [212.66.10 4.81]) by server4.engr.scu.edu (8.12.10/8.12.10) with ESMTP id i0GNj58K004457 for <tschwarz@engr.scu.edu>; Fri, 16 Jan 2004 15:45:06 -0800 Received: by www.futureworlds.it (Postfix, from userid 1011) id 8CE991F0F5A; Sat, 17 Jan 2004 00:45:01 +0100 (CET) From: futureworlds <nobody@mail.futureworlds.it> To: tschwarz@engr.scu.edu Subject: Test Message-ID: <06e358af1c20ba88603856b809ead72d@mail.futureworlds.it> Date: Sat, 17 Jan 2004 00:45:01 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 2.60-rc3 (1.202-2003-08-29-exp) on server4.engr.scu.edu X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=ham version=2.60-rc3