Cc: nanog@nanog.org
Subject: Re: Have Yahoo! gone pink?
From: Valdis.Kletnieks@vt.edu
Date: Wed, 29 Mar 2006 16:55:23 -0500--==_Exmh_1143669323_3096P
Content-Type: text/plain; charset=us-ascii> Yahoo claim "After investigation, we have determined that this email message
> did not originate from the Yahoo! Mail system.Received: from EXCHG01-DUB.Europe.Search.Corpsys.P4pnet.net
(cluster01-dub.europe.search.corpsys.p4pnet.net [172.30.132.19])
by mrout3.yahoo.com (8.13.4/8.13.4/y.out) with ESMTP id k2FIupeH049008;
Wed, 15 Mar 2006 10:56:52 -0800 (PST)Hey, what do you know... if you trust both uksolutions.net and yahoo.com's
Received: lines, it didn't originate at Yahoo - it came from p4pnet.net.(A fine demonstration of the difference between being truthful and being helpful
Of course, this ignores the fact that '172.30.132.19' is in RFC-1918 space.
<wry grin>
Now _how_ 'mrout3.yahoo.com' got that message *is* open for speculation.
Even more interesting is how it got DNS name resolution on that address.
Best available evidence indicates that _that_ header line is a total
fabrication.
As I recall, the header added by the destination system showed receipt
from a yahoo machine (and a valid IP address, belonging to yahoo).
It's possible that yahoo's auto-parsing got misled by the bogus header
shown above.