Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 433
  • Last Modified:

Figuring out where email came from

We received a questionable email from someone who is impersonating someone else.  I would like to know who sent it, but I dont know if that is possible.  Here is some info in the internet headers.  From what I can tell it came from a starband user, but that is all I can tell.  Is there any more info that can be gleamed from the attached?

Return-Path: <XXXXXXXXXXXXXXXXX>
X_CMAE_Category: 0,0 Undefined,Undefined
X-CNFS-Analysis: v=1.0 c=1 a=_-Hmsu7C0sKqpCg7VhIA:9 a=2HqOjAGimJ7zt87a840A:7 a=lNrmymTyf_kTRi9Zj4bZqd2agakA:4 a=SSmOFEACAAAA:8 a=9nmmjTz0I2vZj4bls2EA:9 a=w_7HTp9zkjXSqNjrbdMA:7 a=EDbFgzN2aQj8HlpCMPsbhZlk6UEA:4
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results:  smtp02.embarq.synacor.com smtp.user=XXXXX; auth=pass (LOGIN)
Received: from [65.40.186.200] ([65.40.186.200:2020] helo=XXXXXcom)
            by mailrelay.embarq.synacor.com (envelope-from <XXXXXXXXXX>)
            (ecelerity 2.2.2.36 r(27513/27514)) with ESMTPSA (cipher=AES256-SHA)
            id 18/D0-29143-97DDDF94; Sun, 03 May 2009 14:07:54 -0400
Resent-From: <XXXXXXXXXXXXX>
Resent-To: <XXXXXXXXXXXXXX>
Resent-Date: Sun, 3 May 2009 13:07:54 -0500
X-Loop: <XXXXXXXXXXXXXXXXX>
X-Spam-Status: No, hits=0.0 required=5.0
            tests=AWL: -0.273,BAYES_00: -1.665,HTML_90_100: 0.113,
            HTML_MESSAGE: 0.001,NO_REAL_NAME: 0.961,X_PRIORITY_HIGH: 0.433,
            TOTAL_SCORE: -0.430
X-Spam-Level:
Received: from svarog.email.starband.net ([148.78.247.55])
            by XXXXXXXXXX (Kerio MailServer 6.6.0)
            (using TLSv1/SSLv3 with cipher AES256-SHA (256 bits))
            for XXXXXXXXXXXXXXXXXXXX;
            Sun, 3 May 2009 13:07:41 -0500
Received: from your4dacd0ea75 (vsat-148-63-39-100.c001.g4.mrt.starband.net [148.63.39.100])
            (authenticated bits=0)
            by svarog.email.starband.net (8.13.8/8.14.2) with ESMTP id n43I7G7c020717
            for <XXXXXXXXXXXX>; Sun, 3 May 2009 14:07:22 -0400
From: <XXXXXXXXXXXX>
To: <XXXXXXXXXX>
Subject: XXXXXXXXX
Date: Sun, 3 May 2009 13:07:15 -0500
Message-ID: <8EA93A08181A45D48C7974A136DB880E@your4dacd0ea75>
MIME-Version: 1.0
Content-Type: multipart/alternative;
            boundary="----=_NextPart_000_00D5_01C9CBF0.19317130"
X-Priority: 1 (Highest)
X-MSMail-Priority: High
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
thread-index: AcnMGf0Qmba9JGHwQe+l3yeLhZzimw==
Importance: High
X-Virus-Scanned: ClamAV 0.92.1/9320/Sun May  3 02:19:28 2009 on svarog.email.starband.net
X-Virus-Status: Clean
0
Tom_Hickerson
Asked:
Tom_Hickerson
1 Solution
 
Rob132332Commented:
Hi - have you tried to pop some of the IPs into a site like this one to see what comes up?
http://member.dnsstuff.com/pages/tools.php?ptype=free
Try the WHOIS/IPWHOIS Lookup section.  
Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now