Originally posted by Wolfala
So far i've got senior management on my side. I showed the originating message and the message which was cooked. The guy did a pretty lousey job of covering his tracks b/c I called one of the guys who was supposedly CC'd on the message - but he never got it, and we verified that with 2 other guys who were on the list.
Its pretty much open and shut so far as me being in the clear. I've got an appointment this afternoon in San Jose with a criminal attorney to see how this plays out from a legal standpoint.
So far, my status is Warning Yellow - Weapons Hold.
Wolf
Print out a copy of the email showing all the header information. Ask for the email server logs for that day and firewall connection logs to the email server as well. The email server connections will also reveal a lot of detail.
Email headers will look like this (but longer... this is just a snippit):
received: from renaissance.co.nz (smtp2.renaissance.co.nz [10.100.0.5]) by rennzaklex1.renaissance.co.nz with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2657.72)
id 3L3B6CVY; Mon, 10 Jul 2006 15:45:01 +1200
Received: from ([67.115.118.13])
by smtp2.renaissance.co.nz with ESMTP id 4420263.3192789;
Mon, 10 Jul 2006 15:42:18 +1200
Lemme know if you need to know more.