btcdrak

Satoshi email analysis

Aug 15th, 2015
7,299
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Here's a quick technical analysis of the email sent to the bitcoin-dev mailing list today at http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010238.html
  2.  
  3. The email was sent from an anonymous email provider called vistomail.com which gives the appearance of being out of service. However you can see the logins at https://webmail.vistomail.com/
  4.  
  5. The vistomail servers are authorised to originate email by their IP address via the SPF DNS records . Satoshi used satoshi@vistomail.com when first announcing Bitcoin http://www.metzdowd.com/pipermail/cryptography/2009-January/014994.html
  6.  
  7. From this you can safely conclude the email did originate from vistomail.com servers and was not spoofed. It does not prove the account was not hacked of course.
  8.  
  9. Partial headers from the email:
  10.  
  11. Received: from mail.vistomail.com (vistomail.com [190.97.163.93])
  12. by smtp1.linuxfoundation.org (Postfix) with ESMTP id 2175813F
  13. for <bitcoin-dev@lists.linuxfoundation.org>;
  14. Sat, 15 Aug 2015 19:00:05 +0000 (UTC)
  15. Received: from DS04 ([190.97.163.93]) by vistomail.com with MailEnable ESMTP;
  16. Sat, 15 Aug 2015 13:51:14 -0500
  17.  
  18.  
  19. DNS RECORDS FOLLOW:
  20.  
  21. vistomail.com descriptive text "v=spf1 include:_spf.google.com ip4:190.97.163.93 ~all"
  22. vistomail.com has address 190.97.163.93
  23. vistomail.com mail is handled by 10 vistomail.com.
RAW Paste Data