On Jan 25, 2010, at 4:14 PM, Bruce Johnson wrote:
On Jan 25, 2010, at 1:29 PM, Bill Connelly wrote:
How do you trace bad e-mails back to their origins? These things,
mostly VIAGRA ads, are also coming from the G3-G5 list, although I
think this one came from someone who has viewed my artsite
recently. I usually send them on to [email protected]
, but I'd like to follow this one back if possible to their ISP.
Go to View >message > Raw Source (not long headers)
Well, in my case, here's the Raw Source (I had edited out the body
of the message before):
Return-path: <[email protected]>
Received: from asdf145.mailnet.smtp ([unknown] [192.223.124.145])
by vms169131.mailsrvcs.net
(Sun Java(tm) System Messaging Server 7u2-7.02 32bit (built Apr 16
2009))
with ESMTP id <[email protected]> for
[email protected]; Mon, 25 Jan 2010 10:38:01 -0600 (CST)
Date: Mon, 25 Jan 2010 08:44:32 -0800
From: "A Place For Mom" <[email protected]>
Subject: Find the Right Housing Options for Your Loved One
X-Originating-IP: [192.223.124.145]
To: <[email protected]>
Message-id: <[email protected]>
MIME-version: 1.0
Content-type: text/html
Original-recipient: rfc822;[email protected]
body edited out
Per others comments, there's not much I can do ... except go on and
send it in to
[email protected]
and convince myself "Detective Job Well Done".
And 192.223.124.145
is according to ARIN (from whois.org):
OrgName: Latin American and Caribbean IP address Regional Registry
OrgID: LACNIC Address: Rambla Republica de Mexico 6125 City:
Montevideo StateProv: PostalCode: 11400 Country: UY ReferralServer:
whois://whois.lacnic.net NetRange: 192.223.64.0 - 192.223.127.255
CIDR: 192.223.64.0/18 NetName: LACNIC-ERX-192-223-64-0 NetHandle:
NET-192-223-64-0-1 Parent: NET-192-0-0-0-0 NetType: Transferred to
LACNIC Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region. Comment:
Please see http://www.lacnic.net/ for further details, Comment: or
check the WHOIS server located at http://whois.lacnic.net RegDate:
2004-10-20 Updated: 2007-12-17 OrgTechHandle: LACNIC-ARIN OrgTechName:
LACNIC Whois Info OrgTechPhone: OrgTechEmail: [email protected]
# ARIN WHOIS database, last updated 2010-01-24 20:00 # Enter ? for
additional hints on searching ARIN's WHOIS database. # # ARIN WHOIS
data and services are subject to the Terms of Use # available at https://www.arin.net/whois_tou.html
Someone from Mexico did view my site recently (information collected
from StatCounter,com):
Number of Entries:
Entry Page Time:
Visit Length:
Browser
OS
Resolution1
24th January 2010 19:48:24
0 seconds
Safari 4.0.4
Mac OS X
1024x768Returning Visits:
Location:
Hostname:
Entry Page:
Exit Page:
Referring URL:0
Mexico Distrito Federal Mexico
dsl-189-170-75-25-dyn.prod-infinitum.com.mx (189.170.75.25) [Label IP
Address]
Moonstone Art Studio
Moonstone Art Studio
www.google.com/url?sa=D&q=http://mysite.verizon.net/moonstoneartstudio/&usg=AFQjCNFpttgQfb6Ci9axbDCAq8gOSCYT8Q
Any way to contact them back?
or just not the one?
--
You received this message because you are a member of G-Group, a group for
those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs.
The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette
guide is at http://www.lowendmac.com/lists/netiquette.shtml
To post to this group, send email to [email protected]
For more options, visit this group at http://groups.google.com/group/g3-5-list
