<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>Hotmail is pretty helpful and puts lines like:</div><div><br></div><div>Received: from [192.168.0.5] ([123.213.16.4]) by <a href="http://BLU0-SMTP8.blu0.hotmail.com">BLU0-SMTP8.blu0.hotmail.com</a> over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959);</div><div>So you've got the source IP address of the client (192.168.0.5) even behind a NAT (123.213.16.4).</div><div><br></div>There is also the old (10-15 years old!) trick which was to embed a 1x1 pixel white .gif image somewhere in the body of the email that was hosted on a machine controlled by the "tracker", so that every time the email was replied to, the reader's client would request the image and give away the farm with regards to source IP address, browser etc. Of course nowadays, most email clients are smart enough to block embedded images by default, especially from email addresses that they don't necessarily trust.<br><div><br></div><div>Whether Cyber Safety Solutions are doing either of these things or using some magical new technique I'm not sure.</div><div><br></div><div>Cheers,</div><div><br></div><div>Ben</div><div><br></div><div><div>On 17/03/2010, at 8:05 AM, Darren Moss wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
<div>
<div><span class="215475721-16032010"><font size="2" face="Arial">Morning
Noggers,</font></span></div>
<div><span class="215475721-16032010"><font size="2" face="Arial"></font></span> </div>
<div><span class="215475721-16032010"><font size="2" face="Arial">I just heard an
interview on Neil Mitchell's program with Susan McLean (Cyber Safety Solutions),
who claims her company tracks Hotmail email messages to the source /
person.</font></span></div>
<div><span class="215475721-16032010"><font size="2" face="Arial"></font></span> </div>
<div><span class="215475721-16032010"><font size="2" face="Arial">I'm surprised
someone would say this in the media as it's often near impossible to trace free
email address messages (unless it's blatently obviously who the sending party
is).</font></span></div>
<div><span class="215475721-16032010"><font size="2" face="Arial"></font></span> </div>
<div><span class="215475721-16032010"><font size="2" face="Arial">Am I missing
something here? Has someone developed a magical technology or permission to
trace these messages?</font></span></div>
<div><font size="2" face="Arial"></font> </div><p align="left"><font size="2" face="verdana">Regards, <br> <br> <br><strong>Darren
Moss<br></strong>General Manager<br>Australia and New Zealand<br>[p] 1300 131
083 [f] 03 9017 2287<br>[e] <a href="mailto:Darren.Moss@em3.com.au">Darren.Moss@em3.com.au</a> [w] <a href="http://www.em3.com.au/">www.em3.com.au</a></font><font face="verdana"><br><font size="2"> <br><strong>em3 People and Technology |
Managed Technology Experts<br></strong>postal: PO Box 2333, Moorabbin VIC
3189<br><br><strong>New Zealand</strong> Airedale Street, Auckland
City<br>postal: PO Box 39573, Howick 2045<br>[p] 09 887 0550 </font><font size="2" face="verdana">[f] 09 887 0273</font><font size="2"><br></font></font></p>
<div><font size="2" face="Arial"></font> </div></div>
_______________________________________________<br>AusNOG mailing list<br><a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>http://lists.ausnog.net/mailman/listinfo/ausnog<br></blockquote></div><br></body></html>