From: "Pilar Sancho" <[EMAIL PROTECTED]> > We are doing statistics of spam. We need to know the IP of the Relay > that delivers the messages to our organization. > > for example, simplifying: > > Received: from ([155.210.11.99]) .................. > Received: from ([155.210.11.66]) by ............... > Received: from ([193.180.251.253]) by ............. > Received: from ([158.234.34.23]) by ............... > > 155.210.11.99 and 155.210.11.66 are internal IPs to my organization > I want to obtain the IP: 193.180.251.253 > > Does anybody know as I can obtain this IP?
If you mean you want to perform a reverse DNS lookup it is easy with any of the 'NIX operating systems. The "simple" command would be "host 193.180.251.253", which in this case returns nothing useful. SO my next trick is to run a traceroute. These days I use "mtr" or "Matt's TraceRoute". This does not return an address. However if you look upwards to the first reported address in this case you get telia.net. A quick whois lookup informs me that they are in Stockholm, Sweden, Another approach is a "whois" on the address with some of the last numbers trimmed. In this case "whois 193.180.251." returns the following: --8<-- [Querying whois.ripe.net] [whois.ripe.net] % This is the RIPE Whois server. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/ripencc/pub-services/db/copyright.html %WARNING:905: fixed lookup key % % The key "193.180.251." has been changed to "193.180.251.0" for lookup. inetnum: 193.180.251.0 - 193.180.251.255 netname: SE-LMSOFA descr: LM Ericsson Sodra Fastighetsforvaltning AB country: SE admin-c: BJKV1-RIPE tech-c: BJKV1-RIPE status: ASSIGNED PI mnt-by: SUNET-MNT changed: [EMAIL PROTECTED] 19930216 changed: [EMAIL PROTECTED] 19990111 changed: [EMAIL PROTECTED] 19991112 source: RIPE person: Bjorn Kvastad address: LM Ericsson Sodra Fastighetsforvaltning AB address: S-126 25 Stockholm address: Sweden phone: +46 8 719 44 06 nic-hdl: BJKV1-RIPE changed: [EMAIL PROTECTED] 19930216 changed: [EMAIL PROTECTED] 19990111 source: RIPE --8<-- Apparently Telia serves Sunet.se in Sweden. {^_^}
