Print

Print


You can also see the headers -- without opening the email -- by viewing 
the Message Source. This is done by highlighting the email in question 
then selecting the Message Source option from the View menu (or by using 
the Control-U shortcut). You will see the entire email source in a new 
window, including all the headers.

I find this approach more convenient because you can see the full 
headers plus the details of any links in the body of the email (to 
inspect for origin). Other advantages are that it is safer (harder to 
click on links accidentally), doesn't trigger web bugs, wraps the 
headers for easier viewing (the View All Headers option lets them run 
off the screen to the right, making it harder to see them), and is 
easier to invoke because of the Control-U shortcut. YMMV.



On 9/30/2010 9:31 AM, Andrew Hendrickson wrote:
> You're using Thunderbird 3.0.8 (which is out of date BTW).  To view 
> full headers open the message, select View then Headers then All
>
> You'll see a scroll bar in the header now and you'll need to scroll 
> down to view the entire header.
>
> NOTE:  this setting will stay this way until you set it otherwise.  In 
> addition, if you print messages with "view all headers" turned on, you 
> get the full header in the print out as well.
>
> On Sep 30, 2010, at 9:07 AM, Deb Smith wrote:
>
>> I received an email this morning from Linkedin but did not open it.  
>> I have a question though, how do you check the full header to see 
>> what the spam probability is?
>> Deb
>>
>> On 9/30/2010 9:03 AM, Dean Williams wrote:
>>> Yes, I received several (pointing to a variety of non-linkedin.com 
>>> <http://non-linkedin.com/> addresses).  They even sent it to 
>>> [log in to unmask] <mailto:[log in to unmask]> (gotta love it when spammers 
>>> report their own abuses).  
>>>
>>> If you check the full headers, you'll see that UVM's PureMessage 
>>> spam filters ranked it "Probability=28%", not high enough to earn 
>>> the "[SPAM?:#]" designation in the Subject line.  Best way to fix 
>>> that is to send the message as an attachment, or at least with full 
>>> headers, to: 
>>>
>>>     Sophos Spam Reporting <[log in to unmask] 
>>> <mailto:[log in to unmask]>>
>>>
>>> If you do that, you can cc:
>>>
>>>     FTC UCE Spam Reporting <[log in to unmask] <mailto:[log in to unmask]>>
>>>     CERT Phishing Report <[log in to unmask] 
>>> <mailto:[log in to unmask]>>
>>>
>>> Oh, one other thing.  When you examine the full headers in messages 
>>> like these, please check the message's origin to be sure it's not 
>>> coming from UVM.  Spam from outside is a nuisance; spam from a 
>>> bot-infected on-campus computer rises to a whole 'nother level of 
>>> seriousness.  FOr example, the first "Received" header in today's 
>>> message is: 
>>>
>>>> *Received: * from mail14-a-ab.linkedin.com 
>>>> <http://mail14-a-ab.linkedin.com/> (mail14-a-ab.linkedin.com 
>>>> <http://mail14-a-ab.linkedin.com/> [64.74.98.136]) by 
>>>> mail.roxylau.com <http://mail.roxylau.com/> (8.13.8/8.13.8) with 
>>>> ESMTP id KQZB6L1434584 for <[log in to unmask] 
>>>> <mailto:[log in to unmask]>>; Thu, 30 Sep 2010 20:35:14 +0800 (EDT)
>>>>
>>>
>>> Forgery, anyone?  
>>>
>>> -Dean Williams  
>>>
>>>
>>> On Sep 30, 2010, at 8:47 AM, Moody, Michael D wrote:
>>>
>>>> It appears that messages that are purportedly from LinkedIn 
>>>> Communications are being received by some UVMers.  The subject, 
>>>> today, is “LinkedIn Messages, 9/30/2010.”  Hovering over the 
>>>> message links shows that the destination is anything but LinkedIn.  
>>>> Has there been other reports of this spoofing attempt?
>>>>  
>>>> Michael Moody
>>>