pcobs2001
asked on
Tracing an Anonymous Email
Is there any way to trace an abusive email sent from an anonymous emailer? The header is below, minus my the final destination to keep spammers away. I have traced the path as far as I can to italy...but beyond that I don't know what else to do. The site it refers to is not an annonymous mailer and does not look to be the beginning of the chain, but then again I don't know much about anonymous mailing, so I could be wrong. Any help you could provide would be greatly appreciated. Thank you.
-----------HEADERS-------- ---------- --------
Return-path: <italyremailer@email.it>
*******I REMOVED THE DESTINATION HEADER
Received: from smtp.italy-anonymous-remai ler.it
(host114-6.pool80117.inter business.i t [80.117.6.114])
by mta24.srv.hcvlny.cv.net
(iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004))
with ESMTP id <0I4V00JL62I4RB@mta24.srv. hcvlny.cv. net> *********** INFO REMOVED BY ME
*********; Thu, 30 Sep 2004 11:46:54 -0400 (EDT)
Received: from Spooler by smtp.italy-anonymous-remai ler.it (Mercury/32 v3.32)
ID MO000DDB; Thu, 30 Sep 2004 17:46:09 +0200
Received: from spooler by italy-anonymous-remailer.i t (Mercury/32 v3.32); Thu,
30 Sep 2004 17:45:58 +0200
Received: from nuovo.mshome.net (127.0.0.1) by Italy Remailer SMTP Server
(Mercury/32 v3.32) ID MG000DC7; Thu, 30 Sep 2004 17:45:50 +0200
Date: Thu, 30 Sep 2004 15:45:50 +0000
From: nobody@See.Comments.Header (Italy Anonymous Remailer)
Subject: (No Subject)
To: ******************REMOVED
Message-id: <XIVPWYRN38260.740162037@a nonymous.p oster>
MIME-version: 1.0
Content-type: TEXT/PLAIN
Content-transfer-encoding: 8BIT
Comments: This message did not originate from the above address. It was
automatically remailed by one or more anonymous mail services.
Original-recipient: rfc822;***************remo ved
-----------HEADERS--------
Return-path: <italyremailer@email.it>
*******I REMOVED THE DESTINATION HEADER
Received: from smtp.italy-anonymous-remai
(host114-6.pool80117.inter
by mta24.srv.hcvlny.cv.net
(iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004))
with ESMTP id <0I4V00JL62I4RB@mta24.srv.
*********; Thu, 30 Sep 2004 11:46:54 -0400 (EDT)
Received: from Spooler by smtp.italy-anonymous-remai
ID MO000DDB; Thu, 30 Sep 2004 17:46:09 +0200
Received: from spooler by italy-anonymous-remailer.i
30 Sep 2004 17:45:58 +0200
Received: from nuovo.mshome.net (127.0.0.1) by Italy Remailer SMTP Server
(Mercury/32 v3.32) ID MG000DC7; Thu, 30 Sep 2004 17:45:50 +0200
Date: Thu, 30 Sep 2004 15:45:50 +0000
From: nobody@See.Comments.Header
Subject: (No Subject)
To: ******************REMOVED
Message-id: <XIVPWYRN38260.740162037@a
MIME-version: 1.0
Content-type: TEXT/PLAIN
Content-transfer-encoding:
Comments: This message did not originate from the above address. It was
automatically remailed by one or more anonymous mail services.
Original-recipient: rfc822;***************remo
You should forward these message as attachment to postmaster@smtp.italy-anon ymous-rema iler.it and tell them that they are sending SPAM. That's the only immediate help option wth you.
Here is a basic simple explanations and all about Remailers... do a google and would find out more.
Once you have read it , you know there is no way to trace the original mailer , otherwise it defies the purpose of remailers.
You have two options , one is to get hold of somebody and report him/her through email or WHOIS record for "italy-anonymous-remailer. it" ( I don't know if I am allowed to paste any WHOIS records here but you can easily do a lookup for WHOIS using many websites on internet)
Or you can use one of the mail bouncer programs that would bounce the mail back to remailers which is configured properly would log it and might display error to the sending person saying your email account does not exist.
Good Luck
Once you have read it , you know there is no way to trace the original mailer , otherwise it defies the purpose of remailers.
You have two options , one is to get hold of somebody and report him/her through email or WHOIS record for "italy-anonymous-remailer.
Or you can use one of the mail bouncer programs that would bounce the mail back to remailers which is configured properly would log it and might display error to the sending person saying your email account does not exist.
Good Luck
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
pcobs2001 U should also check out:
Sam Spade v1.14
PC World OCTOBER 7, 2004
The fight against spammers can sometimes seem a losing battle, but every now and then there are tools to give you a glimmer of hope. Sam Spade is a network-query tool that can help you locate bulk mailers and maybe even make them answer for their transgressions.
Many server-finding tools, such as nslookup, whois, and traceroute, have been previously available, but only from a command line. Sam Spade lets you use these tools from a graphical interface, and information found with one tool can be queried using another. Its SMTP Verify tool helps you check on the validity of an e-mail address, which is good for finding out if mail is being sent from that address or forwarded from another address to cover the spammer's tracks.
Another helpful feature sends HTTP packets to your ISP's Web server every minute or so, to keep a dial-up link active. There is also an included Web browser. An abuse.net query will identify the e-mail addresses listed at a database maintained by abuse.net. Download
http://www.pcworld.com/downloads/file_description/0,fid,4709,00.asp
Sam Spade for Windows
http://www.samspade.org/ssw/
http://www.samspade.org/
Sam Spade v1.14
PC World OCTOBER 7, 2004
The fight against spammers can sometimes seem a losing battle, but every now and then there are tools to give you a glimmer of hope. Sam Spade is a network-query tool that can help you locate bulk mailers and maybe even make them answer for their transgressions.
Many server-finding tools, such as nslookup, whois, and traceroute, have been previously available, but only from a command line. Sam Spade lets you use these tools from a graphical interface, and information found with one tool can be queried using another. Its SMTP Verify tool helps you check on the validity of an e-mail address, which is good for finding out if mail is being sent from that address or forwarded from another address to cover the spammer's tracks.
Another helpful feature sends HTTP packets to your ISP's Web server every minute or so, to keep a dial-up link active. There is also an included Web browser. An abuse.net query will identify the e-mail addresses listed at a database maintained by abuse.net. Download
http://www.pcworld.com/downloads/file_description/0,fid,4709,00.asp
Sam Spade for Windows
http://www.samspade.org/ssw/
http://www.samspade.org/