
Re: Determining that someone is not the author of an offensive email

Subject: Re: Determining that someone is not the author of an offensive email
Date: Thu, 31 May 2007 22:30:35 -0700
Hey Flavio, I don't have a great deal of advice to give, but I am curious about a few things:

I know literally nothing about Brazilian law, but how is it against the law to send an offensive email? And even if it is, how in the world do you get a search warrant for 12 people with no evidence directly linking any of them?

> There were 12 apartments connected to that ADSL line. All them had
> false IP numbers (198.162.???.???).

This was pointed out once before, but 192.162.x.x is very real (public) IP space. 192.168.x.x is private (fake, if you will); I assume this is what you meant?

Do you know if the NAT router has wireless capabilities, or if ANY of the 12 people had a wireless access point? If so, ANYONE could have attached to it and sent the message. There is also the possibility of one of their computers being compromised, in which case a remote attacker could have sent it through them.

> The message was forwarded by four mail servers:
> - Hotmail, timestamp 22:20 -0000
> - MSN. timestamp 22:20 -0000
> - a brazilian provider (BP), timestamp (16:20 -0300)
> - a brazilian company (BC), timestamp (16:20 -0300)

These times don't add up if -0300 is correct; just convert them all to UTC:

Hotmail, timestamp 22:20 -0000
MSN. timestamp 22:20 -0000
brazilian provider (BP), timestamp (19:20 -0000)
brazilian company (BC), timestamp (19:20 -0000)

For this to be true, MSN must have sent the message back in time 3 hours. It is more likely that 19:20 -0300 is correct; then the times match perfectly.

Just a few questions/thoughts,
Alan
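
The UTC check described in the message above, as an added example that is not part of the original post: it normalizes each hop's timestamp to UTC and flags any hop stamped earlier than the one before it. The hop order and clock times are those quoted in the thread; the calendar date, the 5-minute clock-skew allowance and all function names are assumptions.

```python
from datetime import timedelta, timezone
from email.utils import parsedate_to_datetime

# Constructed sample: hop names and clock times come from the thread; the
# calendar date is a placeholder because the thread does not give one.
HOPS = [
    ("Hotmail", "Mon, 01 Jan 2007 22:20:00 -0000"),
    ("MSN", "Mon, 01 Jan 2007 22:20:00 -0000"),
    ("BP", "Mon, 01 Jan 2007 16:20:00 -0300"),
    ("BC", "Mon, 01 Jan 2007 16:20:00 -0300"),
]
# Same hops with the alternative reading (19:20 -0300) for the last two.
ALT_HOPS = HOPS[:2] + [
    ("BP", "Mon, 01 Jan 2007 19:20:00 -0300"),
    ("BC", "Mon, 01 Jan 2007 19:20:00 -0300"),
]


def to_utc(stamp):
    """Parse an RFC 2822 date string and return an aware UTC datetime."""
    dt = parsedate_to_datetime(stamp)
    if dt.tzinfo is None:
        # A "-0000" offset parses as a naive datetime; treat it as UTC.
        dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc)


def check_hops(hops, skew=timedelta(minutes=5)):
    """Return (normalized, anomalies) for hops listed in relay order.

    An anomaly is a hop stamped earlier than its predecessor by more than
    the allowed clock skew: (previous hop, this hop, how far back in time).
    """
    normalized = [(name, to_utc(stamp)) for name, stamp in hops]
    anomalies = []
    for (prev_name, prev_t), (name, t) in zip(normalized, normalized[1:]):
        if t + skew < prev_t:
            anomalies.append((prev_name, name, prev_t - t))
    return normalized, anomalies


if __name__ == "__main__":
    for label, hops in (("as reported", HOPS), ("19:20 -0300", ALT_HOPS)):
        normalized, anomalies = check_hops(hops)
        print(label, [(n, t.strftime("%H:%M UTC")) for n, t in normalized])
        for prev_name, name, gap in anomalies:
            print(f"  {name} is stamped {gap} before {prev_name}")
```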
