Solved

Tracing an Anonymous Email

Posted on 2004-10-01
4
1,759 Views
Last Modified: 2008-01-09
Is there any way to trace an abusive email sent from an anonymous emailer? The header is below, minus my the final destination to keep spammers away. I have traced the path as far as I can to italy...but beyond that I don't know what else to do. The site it refers to is not an annonymous mailer and does not look to be the beginning of the chain, but then again I don't know much about anonymous mailing, so I could be wrong. Any help you could provide would be greatly appreciated. Thank you.

-----------HEADERS--------------------------

Return-path: <italyremailer@email.it>
*******I REMOVED THE DESTINATION HEADER
Received: from smtp.italy-anonymous-remailer.it
 (host114-6.pool80117.interbusiness.it [80.117.6.114])
 by mta24.srv.hcvlny.cv.net
 (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar  3 2004))
 with ESMTP id <0I4V00JL62I4RB@mta24.srv.hcvlny.cv.net> *********** INFO REMOVED BY ME
*********; Thu, 30 Sep 2004 11:46:54 -0400 (EDT)
Received: from Spooler by smtp.italy-anonymous-remailer.it (Mercury/32 v3.32)
 ID MO000DDB; Thu, 30 Sep 2004 17:46:09 +0200
Received: from spooler by italy-anonymous-remailer.it (Mercury/32 v3.32); Thu,
 30 Sep 2004 17:45:58 +0200
Received: from nuovo.mshome.net (127.0.0.1) by Italy Remailer SMTP Server
 (Mercury/32 v3.32) ID MG000DC7; Thu, 30 Sep 2004 17:45:50 +0200
Date: Thu, 30 Sep 2004 15:45:50 +0000
From: nobody@See.Comments.Header (Italy Anonymous Remailer)
Subject: (No Subject)
To: ******************REMOVED
Message-id: <XIVPWYRN38260.740162037@anonymous.poster>
MIME-version: 1.0
Content-type: TEXT/PLAIN
Content-transfer-encoding: 8BIT
Comments: This message did not originate from the above address. It was
 automatically remailed by one or more anonymous mail services.
Original-recipient: rfc822;***************removed
0
Comment
Question by:pcobs2001
  • 2
4 Comments
 
LVL 19

Expert Comment

by:RanjeetRain
ID: 12212912
You should forward these message as attachment to postmaster@smtp.italy-anonymous-remailer.it and tell them that they are sending SPAM. That's the only immediate help option wth you.
0
 
LVL 3

Expert Comment

by:xp_commander
ID: 12216877
Here is a basic simple explanations and all about Remailers... do a google and would find out more.

Once you have read it , you know there is no way to trace the original mailer , otherwise it defies the purpose of remailers.

You have two options , one is to get hold of somebody and report him/her through email or WHOIS record for "italy-anonymous-remailer.it" ( I don't know if I am allowed to paste any WHOIS records here but you can easily do a lookup for WHOIS using many websites on internet)

Or you can use one of the mail bouncer programs that would bounce the mail back to remailers which is configured properly would log it and might display error to the sending person saying your email account does not exist.

Good Luck
0
 
LVL 10

Accepted Solution

by:
LRI41 earned 500 total points
ID: 12222185
DNS Tools-WHOIS-Tracert, Ping-and other network tools

There is currently no cost for the DNS report or the other tests, and it is ad-free

among others>:

Spam database lookup            


Reverse DNS lookup                  

IPWHOIS Lookup                  


http://www.dnsstuff.com/

0
 
LVL 10

Expert Comment

by:LRI41
ID: 12251855
pcobs2001  U should also check out:

Sam Spade v1.14

PC World OCTOBER 7, 2004
The fight against spammers can sometimes seem a losing battle, but every now and then there are tools to give you a glimmer of hope. Sam Spade is a network-query tool that can help you locate bulk mailers and maybe even make them answer for their transgressions.
Many server-finding tools, such as nslookup, whois, and traceroute, have been previously available, but only from a command line. Sam Spade lets you use these tools from a graphical interface, and information found with one tool can be queried using another. Its SMTP Verify tool helps you check on the validity of an e-mail address, which is good for finding out if mail is being sent from that address or forwarded from another address to cover the spammer's tracks.
Another helpful feature sends HTTP packets to your ISP's Web server every minute or so, to keep a dial-up link active. There is also an included Web browser. An abuse.net query will identify the e-mail addresses listed at a database maintained by abuse.net.   Download
http://www.pcworld.com/downloads/file_description/0,fid,4709,00.asp

Sam Spade for Windows

http://www.samspade.org/ssw/

http://www.samspade.org/



0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I didn’t use eM Client for long when I decided to swap to Outlook 2016. The reason for the switch is that it started asking for payment to continue some of its services after one month.   The problems I faced when I didn’t pay were:   I was not …
This article will describe some of the best ways to process an ex-employee from an Office 365 subscription. I will describe the methods I would recommend when the data needs to be kept for the ex-employee as well as how to manage any new email as we…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now