The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:

10.0.0.0 - 10.255.255.255 (10/8 prefix)

172.16.0.0 - 172.31.255.255 (172.16/12 prefix)

192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

(from http://faqs.org/rfcs/rfc1918.html )

Therefore only someone within centcom.mil can trace 10.70.20.16.

It's possible (I think) that all this information can be spoofed, and that the spoofer obtained it directly from your computer somehow. This would be possible if your machine had been infected with some kind of malware giving someone remote access to it whenever it is online.

(It is also possible the spoofer has access to Col Boylan, or that Col Boylan really is the sender.)

It would be useful to eliminate your machine as the source of the information necessary to create this hoax.

If he isn't interested in who might spoof his email address, then he should be relieved forthwith. He is the media relations guy for the military. It is significant that someone would be impersonating him.

Pathetic. But, I am not very surprised.

Be sure to check GG's Update III

I am interested in this issue. What I am doing about it does not concern you.

Translation: I'm important and you're a turd.

Whether I agree with what the email says or not is not an issue I wish to discuss with you, as I decided after our last exchange that I would not take the time or efforts to engage with you.

Translation: I'm important and you're a turd.

Is there a reason why you posted this?

Translation: I'm important and you're a turd...and I'm telling my mommy if you don't stop making faces at me.

INTZEXEVSIZN02.iraq.centcom.mil is where the trail stops - it appears to be a general mail server, or server that many people can access.

e.g, search for that name here:

http://lists.army.mil/pipermail/mnfi_newsletter/2007-June.txt

My ***totally non-expert opinion*** is that

a. centcom.mil strips some of the headers, so we in the outside world cannot trace it back beyond INTZEXEVSIZN02. (I think it is good security practice for any organization, btw. Otherwise email sent from inside the org to outside can reveal a lot about the network.)

b. as a mail server/relay, the machine is available to many military personnel, and whatever civilians are in that domain.

c. Someone is really gunning for Glenn. The purpose of the bizarre email is to intimidate and to provoke.

d. An IT person in centcom.mil would be able to look up the logged transactions on INTZEXEVSIZN02 and determine further who sent the email.

e. Here comes the problem - why would they do this trace for Glenn, or inform him of the results?

...but I suspect that one Col Steven A Boylan might soon be assigned to a position other than that of spokesperson for Gen David Petraeus.

And if it turns out Col Boylan did indeed send the original hate-mail to Glenn, and he is reassigned or booted as a consequence, then I say thank you and job well done Mr Greenwald.

A quotation from GG's update IV, purportedly from Boylan himself:

Is there a reason why you posted this?

Erm, yes, "Colonel". It's because Greenwald is trying, with extraordinary diligence, to get to the truth as a courtesey to your rank and position. He's concerned that someone is issuing drivel in your name, and you seem to be remarkably unconcerned about this, in a most peculiar way, I might add.

If I were the PAO of a four star general I would be livid at this point in time, calling up the commander of the signal unit that owns the mailhost, having techs rip my workstation apart, trying to determine if someone was using my name and position to create political headaches for my boss.

This is a security issue. It is not trivial. Someone who can spoof your email address can create untold mischief that can get people killed. This is not something one shrugs one's shoulders over. If your mailhost has been compromised, it's a big friggin' deal.

Thank you for demonstrating your skills as an insolent assclown. You've depicted Glenn's point all too well with your petulant words. "Pathetic" doesn't even begin to describe your replies and denials of sending these emails.

Gosh, you make us all so proud to be leading us into total chaos in the Middle East. I promise to clap harder from now on. Maybe it will all just go away if I put a little more elbow grease in my clapping skills.

10.70.20.11 is what is called a private IP. Normally it does not route, i.e. traffic stays within the subnet using the private IP address range. There are three ranges of private IP numbers officially sanctioned. 10. is one of them.

Private IPs are used to do NAT behind routers, and expand the number of Internet connected computers by NOT using public IP numbers, which do route.

So, you do not go searching for 10.70.20.11, that is a waste of time. You are just looking at the originating computer on an IP number behind a computer and a router on some public IP number that is outward facing and translating traffic to and from the public IP space.

If you do a traceroute on the domain name for the military address of origin, you get: iraq.centcom.mil [214.13.138.179]. This and the IP number obviously related to the IP of the specific server indicated in the email headers, and clearly are coming from DOD space, as shown by looking up and finding the entire /8 netblock assigned:

OrgName: DoD Network Information Center

OrgID: DNIC

Address: 3990 E. Broad Street

City: Columbus

StateProv: OH

PostalCode: 43218

Country: US

NetRange: 214.0.0.0 - 214.255.255.255

CIDR: 214.0.0.0/8

NetName: DDN-NIC15

NetHandle: NET-214-0-0-0-1

Source: http://www.arin.net

Note however, that ANYONE with enough technical skill and a little software could use a computer anywhere within that netblock and spoof being this specific officer.

If you have emails from him from an earlier exchange, which you have validated because he admits he sent them, you could compare headers and see how they were routed.

But then, again, he could sit down at any computer, depending on how he accesses email, e.g. with a web client that lets him access email services from any computer, and send the email.

But it is patently obvious the email came from within DOD IP space.