After looking at the email headers (see below), I have to admit that the email does indeed look genuine.
The email was sent from "81.156.163.12" which is a BT Wholesale ADSL IP address.
From there it was then relayed via "smtp.clients.netdns.net [202.157.148.149]"
Finally it was delivered to a local mailbox on that server.
I hate to admit it, but all these facts check out. So with Mythbusters objectivity I have to call this one plausible.
I just really hope I don't get a visit from the plods for this ill advised sleuthing. (Shameless plug - Freelance sysadmin/coder for hire)
The following are the email headers for those that are interested (read this from bottom to top):
Received: (qmail 14074 invoked from network); 24 Dec 2012 23:57:29 +0800
Received: from titanium.netdns.net (123.100.248.206) by neon.netdns.net with SMTP; 24 Dec 2012 23:57:29 +0800
Received: from localhost (unknown [127.0.0.1]) by titanium.netdns.net (Postfix) with ESMTP id 82BB4523A84 for <pdoughty@britamdefence.com>; Mon, 24 Dec 2012 15:57:18 +0000 (UTC)
X-Virus-Scanned: amavisd-new at S1AvWhNnLx31v.netdns.net
Received: from titanium.netdns.net ([127.0.0.1]) by localhost (titanium.netdns.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nWRHL2NRVdAP for <pdoughty@britamdefence.com>; Mon, 24 Dec 2012 23:57:18 +0800 (SGT)
Received: from smtp.clients.netdns.net (smtp.clients.netdns.net [202.157.148.149]) by titanium.netdns.net (Postfix) with ESMTP id 27D5F523A0E for <pdoughty@britamdefence.com>; Mon, 24 Dec 2012 23:57:18 +0800 (SGT)
Received: (qmail 18137 invoked from network); 24 Dec 2012 15:57:27 -0000
Received: from unknown (HELO Britam00323) (smtpbritam@britamdefence.com@81.156.163.12) by 0 with ESMTPA; 24 Dec 2012 15:57:27 -0000
From: "David Goulding" <dgoulding@britamdefence.com>
To: "'Phillip Doughty'" <pdoughty@britamdefence.com>
Connect With Us