spam tracing.

By iamsanchez
Here's a sample of the message header.
Could you please help me analyze this info? I have replaced the name with "mycompany" and the IP address with "xxx".

I did a trace of the IP address using the whois database and it appears to come from the Philippines. They could be relaying mail without knowing it.

Thank you.

Return-Path: <>
Received: from [] ([])
by (8.9.3/8.9.3) with SMTP id JAA15256
for <>; Fri, 12 Jul 2002 09:14:14 -0600
X-Authentication-Warning: [] didn't use HELO protocol
Content-Type: multipart/alternative; boundary="----=_NextPart_662_227828626086125"
Message-Id: <>
Subject: Adult Passwords Here
Date: Fri, 12 Jul 2002 11:17:51 -0500
X-Encoding: MIME
X-Priority: 3
Received: from by with SMTP for; Fri, 12 Jul 2002 11:17:51 -0500
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Importance: Normal

spam tracing.

by jereg In reply to spam tracing.

You do understand that spammers forge the header information? You may receive mail from HOTMAIL or YAHOO, but in fact, it doesn't come from there.
There are utilities that let you quickly and easily forge an address. Look around the net, you'll find it.
That said, as far as I can tell, you can't change the mail server IP address. In the first line: RECEIVED FROM, the address in brackets may be the mail server that the mail was sent from. The servers have to connect, so that should be the address. Is that where the spammer is? Probably not. Spammers look for servers in other parts of the world that they can use to relay their mail from, thus hiding where they truly are.
I could be wrong on some of that, but I think that's the way it works.
Hope that helps.
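
Added example, not part of any post in this thread: a Python sketch that separates the Received line stamped by your own mail server (the one hop whose bracketed IP reflects a real TCP connection) from the Received lines below it, which the sender controlled and may have forged. The hostnames, the 203.0.113.45 address and the TRUSTED_MTAS set are constructed assumptions standing in for the fields redacted in the original header.

```python
import re
from email import message_from_string

# Constructed sample, not the poster's message: example hostnames and a
# documentation-range IP fill in the fields that were redacted in the thread.
SAMPLE = """\
Return-Path: <offers@mail.example.net>
Received: from unknown ([203.0.113.45])
\tby mx.mycompany.example (8.9.3/8.9.3) with SMTP id JAA15256
\tfor <user@mycompany.example>; Fri, 12 Jul 2002 09:14:14 -0600
X-Authentication-Warning: mx.mycompany.example: [203.0.113.45] didn't use HELO protocol
Subject: Adult Passwords Here
Received: from mail.example.net by relay.example.org with SMTP; Fri, 12 Jul 2002 11:17:51 -0500

body
"""

TRUSTED_MTAS = {"mx.mycompany.example"}  # assumption: mail hosts you operate

BY_RE = re.compile(r"\bby\s+([\w.-]+)", re.I)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def trace(raw, trusted=TRUSTED_MTAS):
    """Return the IP that connected to our MTA plus the unverifiable hops."""
    msg = message_from_string(raw)
    result = {"handoff_ip": None, "unverified": [], "no_helo": False}
    in_trusted_chain = True
    # Each server prepends its Received line, so the topmost is the newest.
    for hdr in msg.get_all("Received", []):
        flat = " ".join(hdr.split())  # unfold continuation lines
        by = BY_RE.search(flat)
        if in_trusted_chain and by and by.group(1).lower() in trusted:
            ip = IP_RE.search(flat)
            # Deepest trusted hop wins: that is where the outside host connected.
            result["handoff_ip"] = ip.group(1) if ip else None
        else:
            # Once a hop was not written by us, it and everything below it
            # was supplied by the sending side and cannot be relied on.
            in_trusted_chain = False
            result["unverified"].append(flat)
    warning = msg.get("X-Authentication-Warning", "")
    result["no_helo"] = "didn't use HELO" in warning
    return result

if __name__ == "__main__":
    print(trace(SAMPLE))
```

The handoff IP is the address to look up in whois or report to the relay's operator; as the reply above notes, it usually identifies the relay that was used and not the spammer's own location.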

spam tracing.

by iamsanchez In reply to spam tracing.

Poster rated this answer
