Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

Can received date be faked?

Hello,

I have a user who forwarded a spam to me (included as text unfortunately, not as an attachment).  It easily should have been blocked by our Antigen server.  Looking at the e-mail, the date on the original spam is several years old.  Now I'm in a debate with our technicians about where this date comes from.  They are telling me that the date comes from the BIOS of the sending computer.  I'm thinking that's impossible, otherwise people would be backdating e-mails all the time.

What could have caused the received date to be six years old?  (We didn't even have our Exchange server then.)
0
SmithMarty
Asked:
SmithMarty
1 Solution
 
trenesCommented:
Hi SmithMarty,

The sending smtp server must be "anti dated" then its possible I think (99,9999%)

Regards,

Trenes
0
 
dynamitedotorgCommented:
The only message headers you can trust are those inserted by your own servers. Any other headers including Date: can be easily altered.

The Date: header itself should be inserted by the client, however this isn't always the case and so if it's missing it should get added by a proper MTA.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now