Hi Lynn, On Sun, 23 Jun 2002 10:27:26 -0700, you wrote: > I gather that only someone with SpamCop's resources has > any chance of figuring out where the thing really came > from ..?
Depends on how easy you find it to type a command, or use a website. View the headers for the email, follow the Recieved: header lines, the ones closer to the top are the ones closer to you. The one you're more interested in, is the first Recieved: header, which *should* give you an IP address that connected to the mail server to send the mail. Then use a resource such as http://samspade.org and in the "Do Stuff" box, put that IP address in. Samspade then runs numerous queries, and *should* be able to tell you which network the user connected from, and contact details for that block of IP addresses. That is basically all spamcop does, just saves you a fair bit of work :) Lets take for an example, the email I'm replying to... The last received line shows this: Received: from [198.92.66.52] by omclust1.macnet.com (NTMail 7.02.3037/NT2917.00.86700c28) with ESMTP id qaypggaa for [EMAIL PROTECTED]; Sun, 23 Jun 2002 10:21:44 -0700 Now if we break it down... 198.92.66.52 is the IP address of the computer that connected to the mail server, omclust1.macnet.com is the mail server, running NT mail service. Samspade.org then returns that that IP address is being run on a service called Online-Mac... the contact for that domain is [EMAIL PROTECTED] took me all of 5 mins, but takes spamcop 30 seconds to do it all for me ;) Hope this gives you a hint as in how the system works. -- Jonathan Angliss ([EMAIL PROTECTED]) ________________________________________________________ Current Ver: 1.60q FAQ : http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
