Tom_Hickerson
asked on
Figuring out where email came from
We received a questionable email from someone who is impersonating someone else. I would like to know who sent it, but I dont know if that is possible. Here is some info in the internet headers. From what I can tell it came from a starband user, but that is all I can tell. Is there any more info that can be gleamed from the attached?
Return-Path: <XXXXXXXXXXXXXXXXX>
X_CMAE_Category: 0,0 Undefined,Undefined
X-CNFS-Analysis: v=1.0 c=1 a=_-Hmsu7C0sKqpCg7VhIA:9 a=2HqOjAGimJ7zt87a840A:7 a=lNrmymTyf_kTRi9Zj4bZqd2a gakA:4 a=SSmOFEACAAAA:8 a=9nmmjTz0I2vZj4bls2EA:9 a=w_7HTp9zkjXSqNjrbdMA:7 a=EDbFgzN2aQj8HlpCMPsbhZlk 6UEA:4
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results: smtp02.embarq.synacor.com smtp.user=XXXXX; auth=pass (LOGIN)
Received: from [65.40.186.200] ([65.40.186.200:2020] helo=XXXXXcom)
by mailrelay.embarq.synacor.c om (envelope-from <XXXXXXXXXX>)
(ecelerity 2.2.2.36 r(27513/27514)) with ESMTPSA (cipher=AES256-SHA)
id 18/D0-29143-97DDDF94; Sun, 03 May 2009 14:07:54 -0400
Resent-From: <XXXXXXXXXXXXX>
Resent-To: <XXXXXXXXXXXXXX>
Resent-Date: Sun, 3 May 2009 13:07:54 -0500
X-Loop: <XXXXXXXXXXXXXXXXX>
X-Spam-Status: No, hits=0.0 required=5.0
tests=AWL: -0.273,BAYES_00: -1.665,HTML_90_100: 0.113,
HTML_MESSAGE: 0.001,NO_REAL_NAME: 0.961,X_PRIORITY_HIGH: 0.433,
TOTAL_SCORE: -0.430
X-Spam-Level:
Received: from svarog.email.starband.net ([148.78.247.55])
by XXXXXXXXXX (Kerio MailServer 6.6.0)
(using TLSv1/SSLv3 with cipher AES256-SHA (256 bits))
for XXXXXXXXXXXXXXXXXXXX;
Sun, 3 May 2009 13:07:41 -0500
Received: from your4dacd0ea75 (vsat-148-63-39-100.c001.g 4.mrt.star band.net [148.63.39.100])
(authenticated bits=0)
by svarog.email.starband.net (8.13.8/8.14.2) with ESMTP id n43I7G7c020717
for <XXXXXXXXXXXX>; Sun, 3 May 2009 14:07:22 -0400
From: <XXXXXXXXXXXX>
To: <XXXXXXXXXX>
Subject: XXXXXXXXX
Date: Sun, 3 May 2009 13:07:15 -0500
Message-ID: <8EA93A08181A45D48C7974A13 6DB880E@yo ur4dacd0ea 75>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_0 00_00D5_01 C9CBF0.193 17130"
X-Priority: 1 (Highest)
X-MSMail-Priority: High
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
thread-index: AcnMGf0Qmba9JGHwQe+l3yeLhZ zimw==
Importance: High
X-Virus-Scanned: ClamAV 0.92.1/9320/Sun May 3 02:19:28 2009 on svarog.email.starband.net
X-Virus-Status: Clean
Return-Path: <XXXXXXXXXXXXXXXXX>
X_CMAE_Category: 0,0 Undefined,Undefined
X-CNFS-Analysis: v=1.0 c=1 a=_-Hmsu7C0sKqpCg7VhIA:9 a=2HqOjAGimJ7zt87a840A:7 a=lNrmymTyf_kTRi9Zj4bZqd2a
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results: smtp02.embarq.synacor.com smtp.user=XXXXX; auth=pass (LOGIN)
Received: from [65.40.186.200] ([65.40.186.200:2020] helo=XXXXXcom)
by mailrelay.embarq.synacor.c
(ecelerity 2.2.2.36 r(27513/27514)) with ESMTPSA (cipher=AES256-SHA)
id 18/D0-29143-97DDDF94; Sun, 03 May 2009 14:07:54 -0400
Resent-From: <XXXXXXXXXXXXX>
Resent-To: <XXXXXXXXXXXXXX>
Resent-Date: Sun, 3 May 2009 13:07:54 -0500
X-Loop: <XXXXXXXXXXXXXXXXX>
X-Spam-Status: No, hits=0.0 required=5.0
tests=AWL: -0.273,BAYES_00: -1.665,HTML_90_100: 0.113,
HTML_MESSAGE: 0.001,NO_REAL_NAME: 0.961,X_PRIORITY_HIGH: 0.433,
TOTAL_SCORE: -0.430
X-Spam-Level:
Received: from svarog.email.starband.net ([148.78.247.55])
by XXXXXXXXXX (Kerio MailServer 6.6.0)
(using TLSv1/SSLv3 with cipher AES256-SHA (256 bits))
for XXXXXXXXXXXXXXXXXXXX;
Sun, 3 May 2009 13:07:41 -0500
Received: from your4dacd0ea75 (vsat-148-63-39-100.c001.g
(authenticated bits=0)
by svarog.email.starband.net (8.13.8/8.14.2) with ESMTP id n43I7G7c020717
for <XXXXXXXXXXXX>; Sun, 3 May 2009 14:07:22 -0400
From: <XXXXXXXXXXXX>
To: <XXXXXXXXXX>
Subject: XXXXXXXXX
Date: Sun, 3 May 2009 13:07:15 -0500
Message-ID: <8EA93A08181A45D48C7974A13
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_0
X-Priority: 1 (Highest)
X-MSMail-Priority: High
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
thread-index: AcnMGf0Qmba9JGHwQe+l3yeLhZ
Importance: High
X-Virus-Scanned: ClamAV 0.92.1/9320/Sun May 3 02:19:28 2009 on svarog.email.starband.net
X-Virus-Status: Clean
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.