Page 1 of 1

How do I find who sent this?

PostPosted: Mon Sep 18, 2006 6:13 pm
by Timbee
Received: from bay0-omc1-s17.bay0.hotmail.com ([65.54.246.89])
by alnrmxc14.comcast.net (alnrmxc14) with ESMTP
id <20060909233901a1400lidcre>; Sat, 9 Sep 2006 23:39:01 +0000
X-Originating-IP: [65.54.246.89]
Received: from hotmail.com ([64.4.11.53]) by bay0-omc1-s17.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830);
Sat, 9 Sep 2006 16:39:01 -0700
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
Sat, 9 Sep 2006 16:39:00 -0700
Message-ID: <BAY7>
Received: from 63.164.145.85 by by7fd.bay7.hotmail.msn.com with HTTP;
Sat, 09 Sep 2006 23:38:56 GMT
X-Originating-IP: [63.164.145.85]
X-Originating-Email: [[email protected]]
X-Sender: [email protected]
From: "Tiffany Pfeifer" <yankeesita>
To: [email protected]
Bcc:
Subject: so sorry
Date: Sat, 09 Sep 2006 19:38:56 -0400
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 09 Sep 2006 23:39:00.0874 (UTC) FILETIME=[2082DEA0:01C6D469]
Return-Path: [email protected]

Re: How do I find who sent this?

PostPosted: Tue Sep 19, 2006 9:47 am
by robocoder
While spammers often forge entries in the mail header, it seems the most likely source is:
X-Originating-IP: [63.164.145.85]
The 'whois' record shows this IP (range) assigned to Kinkos. If you have gripe, contact [email protected].

Traceroute shows:
...
13 sl-bb20-fw-12-0.sprintlink.net (144.232.11.17) 75.937 ms 74.736 ms 75.610 ms
14 sl-dr20-dal-15-0.sprintlink.net (144.232.19.53) 76.819 ms 75.906 ms 76.043 ms
15 65.163.246.10 (65.163.246.10) 75.532 ms 75.030 ms 75.818 ms
16 63.164.145.4 (63.164.145.4) 75.753 ms !X * *
17 63.164.145.4 (63.164.145.4) 77.115 ms !X * *
Is "Dallas" a clue?

Beyond that, it's not evident whether or not this IP address, along with the date/time of the email, can be traced back to a specific user. (For example, it could be the IP address of a NAT router.)

Re: How do I find who sent this?

PostPosted: Wed May 27, 2009 3:48 am
by look4shoe
This information seems quite useful.