hi im a newbie here...and the first thing i learned wa the
mx1.mail.hotmail.com
mx1.mail.yahoo.com
vulnerabilty...
So the Qestion is ...WHY arnt theydoing anything about it ...dont tell me they dont KNOW.. lol

anyway..is there anyway way i can get the ip of the person i send an wmail to / or get an email from ? using patches ..or remote exes.?

Are you refering to being able to forge fake from headers on an email? That is not a vulnerablity. It is the functionality of the POP3 protocol, that is why they dont do anything about it. You need to be able to specify who the letter is from and if you notice it doesnt matter if it's forged, you can still check the header and see the address of the sender. Places like yahoo and hotmail need to open these servers up to everyone because thier client base comes from everywhere. When it comes to ISP POP3 accounts the disable access to thier POP3 servers to everyone except clients on thier network or computers on thier netblock.

You can get the IP of the person sending a mail from the mail headers themselves. I don't know the exact title of the header, but I answered a question like this before and SR was able to come along and give the details So for now, you will have to look yourself, but it shouldn't be too hard to figure out.

Didn't know if that is what sin was talking about in reference to the "address" or if he was referring to the email addy.

No, I won't search for it, I could but so could you.

Oh i was refering to seeing the IP address of the sender in the email header that you can view in the properties of the email or in other places depending on the client you use. But you will be able to tell if the IP corresponds to the 'from' address.

The last "Recieved" header (and consequently the first "Recieved" prepended to the email) in the email headers is information about the source of the email including the source IP address.

thnx a lot guys... gee sinetific , guess i need to read more on protocols i guess ...

ok...i jus found that Outlook has an option to read email headers apart from the message properties . is this what SR is talking about...the checkbox with the "internet header ,show last recieved "

anyway..so ,reading the email headers reveal the ip address...hmmm intersting...but what if ,they use some "remailing" facility like :
A4proxy ( www.inetprivacy.com/a4proxy/ )
or some other proxy, which strips out all original email headers and info about your location and IP address, and then sends the message to its final destination...
and i guess realised that i guess i wont be able to send an email back to them coz ....itsNOT thier legitimate email anyway...so they cant check it rite...waht u think...ilemme try seraching on "how to mail to an ip adress instead " ..
thnx again