[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help] 

Status: Not Logged In; Sign In

Taxpayer Funded Censorship: How Government Is Using Your Tax Dollars To Silence Your Voice

"Terminator" Robot Dog Now Equipped With Amphibious Capabilities

Trump Plans To Use Impoundment To Cut Spending - What Is It?

Mass job losses as major factory owner moves business overseas

Israel kills IDF soldiers in Lebanon to prevent their kidnap

46% of those deaths were occurring on the day of vaccination or within two days

In 2002 the US signed the Hague Invasion Act into law

MUSK is going after WOKE DISNEY!!!

Bondi: Zuckerberg Colluded with Fauci So "They're Not Immune Anymore" from 1st Amendment Lawsuits

Ukrainian eyewitnesses claim factory was annihilated to dust by Putin's superweapon

FBI Director Wray and DHS Secretary Mayorkas have just refused to testify before the Senate...

Government adds 50K jobs monthly for two years. Half were Biden's attempt to mask a market collapse with debt.

You’ve Never Seen THIS Side Of Donald Trump

President Donald Trump Nominates Former Florida Rep. Dr. Dave Weldon as CDC Director

Joe Rogan Tells Josh Brolin His Recent Bell’s Palsy Diagnosis Could Be Linked to mRNA Vaccine

President-elect Donald Trump Nominates Brooke Rollins as Secretary of Agriculture

Trump Taps COVID-Contrarian, Staunch Public Health Critic Makary For FDA

F-35's Cooling Crisis: Design Flaws Fuel $2 Trillion Dilemma For Pentagon

Joe Rogan on Tucker Carlson and Ukraine Aid

Joe Rogan on 62 year-old soldier with one arm, one eye

Jordan Peterson On China's Social Credit Controls

Senator Kennedy Exposes Bad Jusge

Jewish Land Grab

Trump Taps Dr. Marty Makary, Fierce Opponent of COVID Vaccine Mandates, as New FDA Commissioner

Recovering J6 Prisoner James Grant, Tells-All About Bidens J6 Torture Chamber, Needs Immediate Help After Release

AOC: Keeping Men Out Of Womens Bathrooms Is Endangering Women

What Donald Trump Has Said About JFK's Assassination

Horse steals content from Sara Fischer and Sophia Cai and pretends he is the author

Horse steals content from Jonas E. Alexis and claims it as his own.

Trump expected to shake up White House briefing room


Neocon Nuttery
See other Neocon Nuttery Articles

Title: The Boylan trail...he's a stone liar
Source: U of Oregon
URL Source: http://www.uoregon.edu/~pboothe1/iraq_emails/
Published: Oct 30, 2007
Author: Peter Boothe
Post Date: 2007-10-30 23:21:58 by Mekons4
Keywords: None
Views: 1173
Comments: 4

Deciphering the email headers to determine if the same person sent them both

Glenn Greenwald posted email headers from a discussion he was having where a person denied sending an email that Glenn received. The post about the email and denial are here: http://www.salon.com/opinion/greenwald/2007/10/28/boylan/index.html and the post where he gives email headers is here: http://utdocuments.blogspot.com/2007/10/e-mail-headers-from-col-boylan-and-mnf.html

I have experience programming, in syadmin work, netops work, and have been studying the Internet in an effort to get a PhD in computer science. I'm pretty sure those emails came from the same person. My reasoning is explained below. The one unfortunate thing is that the email headers got a bit mangled when they were posted. I have attempted to unmangle them, and if I get a better copy of them, I will replace the old with the new. Original Email Headers Headers from the denial email Return-Path: X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on imap3.salon.com X-Spam-Level: X-Spam-Status: No, score=0.2 required=4.0 tests=AWL autolearn=disabled version=3.1.7 Received: from rich.salon.com (rich.salon.com [206.80.4.124]) by mailer.salon.com (8.13.6/8.13.6) with ESMTP id l9SBFgrP024411 for ; Sun, 28 Oct 2007 04:15:43 -0700 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on imap3.salon.com X-Spam-Level: X-Spam-Status: No, score=0.2 required=4.0 tests=AWL autolearn=disabled version=3.1.7 Received: from rich.salon.com (rich.salon.com [206.80.4.124]) by mailer.salon.com (8.13.6/8.13.6) with ESMTP id l9SFwcx5001032 for ; Sun, 28 Oct 2007 08:58:38 -0700

The first chunk is not very interesting. As emails make their way from source to destination, each relay point adds on their own line. These lines all correspond to Salon internal stuff. The next chunk is where the action is. Original Email Headers (cont'd) Headers from the denial email (cont'd) Received: from 02exbhizn02.iraq.centcom.mil (02exbhizn02.iraq.centcom.mil [214.13.200.111]) by rich.salon.com (8.12.11/8.12.11) with ESMTP id l9SBFSff004148 for ; Sun, 28 Oct 2007 04:15:36 -0700 Received: from 02exbhizn02.iraq.centcom.mil (02exbhizn02.iraq.centcom.mil [214.13.200.111]) by rich.salon.com (8.12.11/8.12.11) with ESMTP id l9SFwT1S017514 for ; Sun, 28 Oct 2007 08:58:33 -0700

These are the really important lines. This is where the handoff to Salon from 02exbhizn02.iraq.centcom.mil took place. Or, at least, it was a handoff from 214.13.200.111, which claims to be 02exbhizn02.iraq.centcom.mil - let's see if that claim holds up. Running the host command, designed for just such an occasion, we see: $ host 214.13.200.111 111.200.13.214.in-addr.arpa domain name pointer 02exbhizn02.iraq.centcom.mil. and we see $ host 02exbhizn02.iraq.centcom.mil 02exbhizn02.iraq.centcom.mil has address 214.13.200.111

So now we know that a military computer, and the same one each time, was the computer that handed both these emails to Salon's system. Also note that the above lines are exactly the same except for the ESMTP id and timestamp - this small difference is because the headers are from two different emails sent at two different times, and the ESMTP id is unique for a given email. This is about as good as we can guarantee - subsequent lines depend on systems outside of Salon's audit purview. But looking at the following lines should still provide evidence.

In particular, radical differences in subsequent lines would be evidence that the military email system was compromised in some fashion, while them being largely similar indicates that that same person and machine sent all the emails. Original Email Headers (cont'd) Headers from the denial email (cont'd) Received: from INTZEXEBHIZN01.iraq.centcom.mil ([10.70.20.11]) by 02exbhizn02.iraq.centcom.mil with Microsoft SMTPSVC(6.0.3790.3959); Sun, 28 Oct 2007 14:15:05 +0300 Received: from INTZEXEBHIZN01.iraq.centcom.mil ([10.70.20.11]) by 02exbhizn02.iraq.centcom.mil with Microsoft SMTPSVC(6.0.3790.3959); Sun, 28 Oct 2007 18:58:11 +0300 Received: from INTZEXEVSIZN02.iraq.centcom.mil ([10.70.20.16]) by INTZEXEBHIZN01.iraq.centcom.mil with Microsoft SMTPSVC(6.0.3790.3959); Sun, 28 Oct 2007 14:15:05 +0300 Received: from INTZEXEVSIZN02.iraq.centcom.mil ([10.70.20.16]) by INTZEXEBHIZN01.iraq.centcom.mil with Microsoft SMTPSVC(6.0.3790.3959); Sun, 28 Oct 2007 18:58:11 +0300 Content-class: Content-class: urn: urn: content-classes:message content-classes:message MIME-Version: 1.0 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Type: text/plain; charset="us-ascii" Subject: The growing link between the U.S. military and right-wing media and blogs Subject: RE: The growing link between the U.S. military and right-wing media and blogs X-MimeOLE: Produced By Microsoft Exchange V6.5 X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Sun, 28 Oct 2007 14:15:05 +0300 Date: Sun, 28 Oct 2007 18:58:11 +0300 Message-ID: In-Reply-To: <9EE79D5BD1CA47D49B60A519F190F98D@GlennPC> X-MS-Has-Attach: X-MS-Has-Attach: X-MS-TNEF-Correlator: X-MS-TNEF-Correlator: Thread-Topic: The growing link between the U.S. military and right-wing media and blogs Thread-Topic: The growing link between the U.S. military and right-wing media and blogs Thread-Index: AcgZU8rMDQqwmH5eRre22Ga+dQFPsw== Thread-Index: AcgZeFOWoEK/zLZxSZm4qrlSEvjjHQAAf2iw References: <7EED9730BDFDA64183D4BE1C41F917BB397123@INTZEXEVSIZN02.iraq.centcom.mil> <9EE79D5BD1CA47D49B60A519F190F98D@GlennPC> From: "Boylan, Steven COL MNF-I CMD GRP CG PAO" From: "Boylan, Steven COL MNF-I CMD GRP CG PAO" To: To: "Glenn Greenwald" X-OriginalArrivalTime: 28 Oct 2007 11:15:05.0804 (UTC) FILETIME=[CAF430C0:01C81953] X-OriginalArrivalTime: 28 Oct 2007 15:58:11.0534 (UTC) FILETIME=[573CE6E0:01C8197B] Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mailer.salon.com id l9SBFgrP024411 X-MIME-Autoconverted: from quoted-printable to 8bit by mailer.salon.com id l9SFwcx5001032 X-IMAPbase: 1193356123 291 NonJunkStatus: O Status: O X-UID: 273 X-UID: 291 Content-Length: 4757 Content-Length: 5860 X-Keywords: X-Keywords:

And these headers are about what you would expect if they were to come from the same person. The main differences between them have to do with the fact that the second message is a reply to the first, and so contains references to the first so that email clients will know what thread to put the message in.

Note, in particular, that the exact same version of Microsoft Exchange is credited with sending out both emails (and it's an old version), and also that the weird Microsoft tags are the same.

Based on this, I have to conclude that these two emails were written by the same person. Or, someone has hacked into the military infrastructure in an effort to discredit this one Colonel by sending cranky emails to bloggers. But one of the two, certainly.

— Peter Boothe pboothe1@uoregon.edu Sun Oct 28 13:04:18 PDT 2007

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

#1. To: Mekons4 (#0)

What are the odds that this public affairs Colonel Boylan will survive with his out and out lies?

Fred Mertz  posted on  2007-10-30   23:32:12 ET  Reply   Trace   Private Reply  


#2. To: Mekons4 (#0)

So now we know that a military computer, and the same one each time, was the computer that handed both these emails to Salon's system.

This one is difficult to follow.

Ron Paul for President - Join a Ron Paul Meetup group today!

robin  posted on  2007-10-31   0:36:28 ET  Reply   Trace   Private Reply  


#3. To: Fred Mertz (#1)

What are the odds that this public affairs Colonel Boylan will survive

100% certain he survives.

nolu_chan  posted on  2007-10-31   18:52:33 ET  Reply   Trace   Private Reply  


#4. To: nolu_chan (#3)

100% certain he survives.

Maybe not, if Petraeus's boss CENTCOM commander Adm. Fallon has anything to say about it.

If Fallon despises Petraeus, it's easy to guess what he thinks of Boylan.

To reason, indeed, he was not in the habit of attending. His mode of arguing, if it is to be so called, was one not uncommon among dull and stubborn persons, who are accustomed to be surrounded by their inferiors. He asserted a proposition; and, as often as wiser people ventured respectfully to show that it was erroneous, he asserted it again, in exactly the same words, and conceived that, by doing so, he at once disposed of all objections. - Macaulay, "History of England," Vol. 1, Chapter 6, on James II.

aristeides  posted on  2007-10-31   18:54:51 ET  Reply   Trace   Private Reply  


TopPage UpFull ThreadPage DownBottom/Latest


[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]