Archive for June, 2009

WIN – Queen and Paul Rodgers Live in Ukraine CD

Thursday, June 4th, 2009

Westnet and EMI are giving members the chance to win one of 10 copies of the latest (and possibly last) album from Queen and Paul Rodgers, Live in Ukraine.

After announcing their five-year reign of ‘rocking you’ has come to an end, this live recording of their recent European appearance in Ukraine is set to become a collector’s edition.

Featuring Show Must Go On, Another One Bites the Dust, I Want It All, We Will Rock You, We Are the Champions and, of course, Bohemian Rhapsody.

For your chance to win one of 10 copies of Live in Ukraine, simply make sure you click the Enter button in the Westnet Newsletter in your inbox, or via MyWestnet. Entries are limited to one per Westnet username. The competition closes at 12.01am (WST) on Monday 29 June 2009.

Ask Chris – Internet Headers

Thursday, June 4th, 2009

I’ve already written about a few interesting problems to do with email messages, namely spam, phishing messages and virus infections. As we know, the software or individuals crafting these messages can often use the “From” field in a message to falsify where the message came from in an effort to get the recipient to drop their guard.

Dealing with these kinds of suspect messages can be a new and concerning experience for anyone receiving them for the first time, so I thought I’d offer a way to learn more about where a particular message came from and what you can do about it.

I’m in the middle of a busy patch, so I put the call out for anyone interested in contributing to the blog. Luke Harris, one of my Team Leaders, stepped up with this explanation of the information available in the headers of your email.

When an email message is received it contains information called internet headers. These are also referred to as email headers. To avoid confusion I’ll stick to the former for the sake of this article. No matter which email program you’re using, viewing this information is relatively easy. Most email programs follow a similar method. Here are some detailed instructions for Outlook Express, Windows Mail, Microsoft Outlook and Mozilla Thunderbird.

Depending on where the email message has been, there may be many lines of text, so many that you may have to scroll to see everything. Think about your passport for a moment. It contains stamps from various airports around the world and is a history of your travels, from departure to arrival. The information here is much the same. The first thing to remember is that the message’s journey starts from the bottom. So to make it easier to read, you might want to use the mouse to select all of the information. Don’t forget to make sure you get the text at the bottom of the message; otherwise you’ll miss the important part. Once all the text is highlighted, hold down the “Ctrl” key while pressing the “C” key. That should copy the text. Then open Notepad and hold down the “Ctrl” key again while pressing the “V” key.

By this time you may be asking yourself where I’m heading with this: how does this help me defend against fraudulent email? Internet headers usually contain three parts. These are message information, Received header and Return path.
In most cases the internet headers contain the IP address of the message’s source, or where it came from. Look at an internet header and you will see text resembling this:

“Received: from www.ezydvd.com.au (www.ezydvd.com.au [203.122.231.241]) by hosted01.westnet.com.au (Postfix) with ESMTP id 37CB02BF319 for ; Fri, 15 May 2009 14:38:27 +0800 (WST)”

The sender’s IP address is the number in square brackets (203.122.231.241). The one downside to this is that it is possible for an IP address to be “spoofed”. “Spoofing” is the slang term used loosely within the industry to describe the faking of the source information. Essentially the purpose of “spoofing” an IP address is to mislead and avoid being tracked down, making the message appear like it came from a different PC or network. Think of it as planting a fake fingerprint at the scene of a crime. A lot of spammers bet on the recipient not knowing how to gather the internet header information, so they may not bother to “spoof” the address as some effort is involved. You can find more information about that here.

Now that you have an IP address to work with you can then use a free online networking utility to run what’s called a “Whois Query” to find out registered information for that IP address. The information that will be of use is the ISP that leases the IP address and their abuse contact.
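As an added illustration (not part of the original post), this Python sketch reads the Received lines from the bottom up and returns the address recorded by your own provider's server, which is the one to put into the Whois Query. It assumes Postfix-style lines like the one quoted above; the second sample hop, the placeholder recipient and the function names are constructed for the example.

```python
import re
from email import message_from_string

# Constructed sample. The first Received line is the one quoted in the article, with a
# placeholder recipient; the second (198.51.100.7, *.example) is made up to stand for
# a line that was already in the message before the Westnet server received it.
SAMPLE = """\
Received: from www.ezydvd.com.au (www.ezydvd.com.au [203.122.231.241])
\tby hosted01.westnet.com.au (Postfix) with ESMTP id 37CB02BF319
\tfor <user@example.com>; Fri, 15 May 2009 14:38:27 +0800 (WST)
Received: from mail.sender.example (mail.sender.example [198.51.100.7])
\tby relay.sender.example (Postfix) with ESMTP id CONSTRUCTED;
\tFri, 15 May 2009 14:38:20 +0800 (WST)
From: sender@example.com
Subject: constructed sample

body
"""

# Postfix-style line, as in the article: from HELO (looked-up-name [ip]) by server ...
HOP = re.compile(r"from\s+\S+\s+\((\S+)\s+\[([0-9A-Fa-f:.]+)\]\).*?\bby\s+(\S+)")

def received_hops(raw):
    """Received hops in travel order: oldest first, i.e. read from the bottom up."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        line = " ".join(value.split())  # undo header folding
        m = HOP.search(line)
        if m:
            hops.append({"from": m.group(1), "ip": m.group(2), "by": m.group(3),
                         "stamp": line.rsplit(";", 1)[-1].strip()})
    return hops[::-1]  # the newest header is stacked on top, so reverse

def in_domain(host, domain):
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def ip_to_look_up(raw, provider):
    """Address that handed the message to your own provider's servers."""
    # Walk down from the top using only lines stamped by the provider: anything
    # lower arrived with the message and is only as reliable as its sender.
    ip = None
    for hop in reversed(received_hops(raw)):
        if not in_domain(hop["by"], provider):
            break
        ip = hop["ip"]
        if not in_domain(hop["from"], provider):
            break
    return ip
```

Calling `ip_to_look_up(SAMPLE, "westnet.com.au")` returns the address from the article's header, not the one claimed by the lower, constructed line.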

There are generally two types of spam messages: those sent by a real person and those sent by a computer (usually sent via an unsuspecting host PC which has been infected by a virus).

In either case, the best thing to do is to check for an “unsubscribe” option. If the unsubscribe option is not present or doesn’t appear to work for you, then you can report it via the ACMA website. You can also forward the original message along with the internet header information you’ve obtained directly to the ISP abuse contact listed in the Whois Query. If the ISP is reputable, they should be very interested in assisting both you and their potentially compromised customer. Don’t forget to move the message to your spam or junk folder where it belongs, and don’t follow any links in the message or open any attachments.

It’s also important to note that ACMA can only deal with spam messages that originated from within Australia. With a little knowledge and a lot of patience we can all make it a little harder for unscrupulous folk to make their mark.