Hello,
The responses to my question about entries in mail.log are
enclosed.
Arun Sanghvi
The Message-ID is string of the form STUFF_at_host.domain where STUFF is
a unique string and host.domain is the name of the host that the
message was sent from. This provides an identiifying token for the
mail message.
The from=<abc_at_usa.net> indicates who the mail message was from, and
'received from ....' indicates what machine sent your machine the mail
message.
--[Lance]
********************************
There is no theory describing the content of a message-id
It is intended to be a unique string created at the source machine.
This one obviously has some date (19970503 May 3, 1997)
and some source internet address (_at_usa.net).
170756.36ef14 might be a user id on usa.net or it might be a time-of-day.
The beginning (3.0.1.16) is probably an IP number used in the
Intranet hidden behind the usa.net gateway (see rationale below).
You might try contacting postmaster_at_usa.net for more info on how their
message-id is created.
> 2. What is the significance of "from=<abc_at_use.net" and received
> from mjs2pc.wilm.ge.com (3.43.41.1)
The message's "From:" field said it was from 'abc_at_use.net'
which sounds like a forged header to me because it is so simple.
Perhaps more info is available in the message's actual headers.
Or again, perhaps postmaster_at_usa.com would be responsive to an inquiry about
its identity. Be sure to send them the full headers of the
received message if it is still around.
The last link in the path to your machine was
mjs2pc.wilm.ge.com (3.43.41.1)
nslookup says
mjs2pc.wilm.ge.com preference = 20, mail exchanger = crdems.ge.com
mjs2pc.wilm.ge.com preference = 10, mail exchanger = ns.ge.com
mjs2pc.wilm.ge.com preference = 15, mail exchanger = ns2.ge.com
so there is no real machine called
mjs2pc.wilm.ge.com
but several mail servers go by that name.
The number 3.43.41.1 looks like an Internet IP address, but is not
in the Internet tables and does not respond to ping.
The above mail servers have IP addresses like
crdems.ge.com internet address = 192.35.44.5
ns.ge.com internet address = 192.35.39.24
ns2.ge.com internet address = 192.35.39.25
so I don't know where the number came from.
It is similar to the beginning of the message-id, though, so I would
think it is an IP number in the usa.net private Intranet
hidden behind the mail servers.
Is usa.net a service similar to AOL but supplied by General Electric ?
It is refined as an arbitrary unique string ending in an email domain.
Different programs and transfer agents create these in different ways.
That one looks like it includes the date and time.
Eric B.
***********************************************
The message-id is an internal thing that bears no useful information
except to the machine that generated it. The "bat" book from O'rielly
& Associates says "The Message-ID: header is used to uniquely identify
each mail message. This header must be declared in the configuration
file. The field for this header must be an expression in the form of a
legal address enclosed in angle brackets (< and >). The address must be
composed of elements that create an identifier that is truly unique
worldwide."
:2. What is the significance of "from=<abc_at_use.net" and received
:from mjs2pc.wilm.ge.com (3.43.41.1)
I think the abc_at_use.net address is the sender of the original message.
The "from mjs2pc.wilm.ge.com" is the machine that most recently passed
this message to your mail host. I think if you look in the full headers
of the message in question you will see that host in the path.
-cliff
please post the true answer. I'm curious!
thanks pam.
________
Pam Woods - axsymgr_at_uaa.alaska.edu
Received on Fri May 09 1997 - 19:50:42 NZST