Do a whois lookup at www.arin.net . You will get info abt the owner of IP Address.
Regards Zuhair. ----- Original Message ----- From: "Sridhar M.A." <[EMAIL PROTECTED]> To: "LI-Help" <[EMAIL PROTECTED]> Sent: Thursday, February 27, 2003 7:42 AM Subject: [LIH][OT] Tracking web mails > [Sorry for the OT posting as this is strictly Not Linux.] > > The header of a mail I received from someone I do not know is given > below. > > From [EMAIL PROTECTED] Tue Feb 25 19:24:24 2003 > Return-path: <[EMAIL PROTECTED]> > Envelope-to: [EMAIL PROTECTED] > Delivery-date: Tue, 25 Feb 2003 19:24:24 +0530 > Received: from brahman > ([127.0.0.1] helo=localhost ident=mas) > by brahman with esmtp (Exim 3.36 #1 (Debian)) > id 18nfXL-0000KQ-00 > for <[EMAIL PROTECTED]>; Tue, 25 Feb 2003 19:24:23 +0530 > Received: from pop.net4india.com [202.71.129.36] > by localhost with POP3 (fetchmail-6.1.0) > for [EMAIL PROTECTED] (single-drop); Tue, 25 Feb 2003 19:24:23 +0530 (IST) > Received: by newstorage.net4india.com (mbox z1585531-1) > (with Cubic Circle's cucipop (v1.31 1998/05/13) Tue Feb 25 19:43:30 2003) > X-From_: [EMAIL PROTECTED] Tue Feb 25 19:22:12 2003 > Received: from [203.199.70.104] (helo=web8104.in.yahoo.com) > by pop.net4india.com with smtp (Exim 4.10) > id 18nfVD-0007jT-00 > for [EMAIL PROTECTED]; Tue, 25 Feb 2003 19:22:12 +0530 > Message-ID: <[EMAIL PROTECTED]> > Received: from [202.9.165.75] by web8104.mail.in.yahoo.com via HTTP; Tue, 25 Feb 2003 13:38:04 GMT > Date: Tue, 25 Feb 2003 13:38:04 +0000 (GMT) > From: =?iso-8859-1?q?valen=20tine?= <[EMAIL PROTECTED]> > Subject: xxxxxxxx > To: [EMAIL PROTECTED] > MIME-Version: 1.0 > Content-Type: multipart/alternative; boundary="0-874626672-1046180284=:4128" > Content-Transfer-Encoding: 8bit > Status: RO > Content-Length: 3379 > Lines: 37 > > --0-874626672-1046180284=:4128 > Content-Type: text/plain; charset=iso-8859-1 > Content-Transfer-Encoding: 8bit > > <snip> > > Am I correct in assuming that the mail originated from a machine with > the ip 202.9.165.75? If so, is it possible to know in which > network/isp/city the mail originated from? I did dig 202.9.165.75 and > got this answer: > > brahman:/etc/apt# dig 202.9.165.75 > > ; <<>> DiG 9.2.1 <<>> 202.9.165.75 > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63242 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;202.9.165.75. IN A > > ;; AUTHORITY SECTION: > . 9865 IN SOA A.ROOT-SERVERS.NET. > NSTLD.VERISIGN-GRS.COM. 2003022601 1800 900 604800 86400 > > ;; Query time: 217 msec > ;; SERVER: 203.195.221.129#53(203.195.221.129) > ;; WHEN: Thu Feb 27 07:30:49 2003 > ;; MSG SIZE rcvd: 105 > > > In such cases, how can one get an idea of the city/isp from where the mail > originated? Just curious to know. > > Regards, > > -- > Sridhar M.A. > > Conversation enriches the understanding, but solitude is the school of genius. > > > ------------------------------------------------------- > This SF.net email is sponsored by: Scholarships for Techies! > Can't afford IT training? All 2003 ictp students receive scholarships. > Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more. > www.ictp.com/training/sourceforge.asp > _______________________________________________ > linux-india-help mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/linux-india-help > ------------------------------------------------------- This SF.net email is sponsored by: Scholarships for Techies! Can't afford IT training? All 2003 ictp students receive scholarships. Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more. www.ictp.com/training/sourceforge.asp _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
