Solved

Figuring out where email came from

Posted on 2009-05-04
1
421 Views
Last Modified: 2013-11-30
We received a questionable email from someone who is impersonating someone else.  I would like to know who sent it, but I dont know if that is possible.  Here is some info in the internet headers.  From what I can tell it came from a starband user, but that is all I can tell.  Is there any more info that can be gleamed from the attached?

Return-Path: <XXXXXXXXXXXXXXXXX>
X_CMAE_Category: 0,0 Undefined,Undefined
X-CNFS-Analysis: v=1.0 c=1 a=_-Hmsu7C0sKqpCg7VhIA:9 a=2HqOjAGimJ7zt87a840A:7 a=lNrmymTyf_kTRi9Zj4bZqd2agakA:4 a=SSmOFEACAAAA:8 a=9nmmjTz0I2vZj4bls2EA:9 a=w_7HTp9zkjXSqNjrbdMA:7 a=EDbFgzN2aQj8HlpCMPsbhZlk6UEA:4
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results:  smtp02.embarq.synacor.com smtp.user=XXXXX; auth=pass (LOGIN)
Received: from [65.40.186.200] ([65.40.186.200:2020] helo=XXXXXcom)
            by mailrelay.embarq.synacor.com (envelope-from <XXXXXXXXXX>)
            (ecelerity 2.2.2.36 r(27513/27514)) with ESMTPSA (cipher=AES256-SHA)
            id 18/D0-29143-97DDDF94; Sun, 03 May 2009 14:07:54 -0400
Resent-From: <XXXXXXXXXXXXX>
Resent-To: <XXXXXXXXXXXXXX>
Resent-Date: Sun, 3 May 2009 13:07:54 -0500
X-Loop: <XXXXXXXXXXXXXXXXX>
X-Spam-Status: No, hits=0.0 required=5.0
            tests=AWL: -0.273,BAYES_00: -1.665,HTML_90_100: 0.113,
            HTML_MESSAGE: 0.001,NO_REAL_NAME: 0.961,X_PRIORITY_HIGH: 0.433,
            TOTAL_SCORE: -0.430
X-Spam-Level:
Received: from svarog.email.starband.net ([148.78.247.55])
            by XXXXXXXXXX (Kerio MailServer 6.6.0)
            (using TLSv1/SSLv3 with cipher AES256-SHA (256 bits))
            for XXXXXXXXXXXXXXXXXXXX;
            Sun, 3 May 2009 13:07:41 -0500
Received: from your4dacd0ea75 (vsat-148-63-39-100.c001.g4.mrt.starband.net [148.63.39.100])
            (authenticated bits=0)
            by svarog.email.starband.net (8.13.8/8.14.2) with ESMTP id n43I7G7c020717
            for <XXXXXXXXXXXX>; Sun, 3 May 2009 14:07:22 -0400
From: <XXXXXXXXXXXX>
To: <XXXXXXXXXX>
Subject: XXXXXXXXX
Date: Sun, 3 May 2009 13:07:15 -0500
Message-ID: <8EA93A08181A45D48C7974A136DB880E@your4dacd0ea75>
MIME-Version: 1.0
Content-Type: multipart/alternative;
            boundary="----=_NextPart_000_00D5_01C9CBF0.19317130"
X-Priority: 1 (Highest)
X-MSMail-Priority: High
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
thread-index: AcnMGf0Qmba9JGHwQe+l3yeLhZzimw==
Importance: High
X-Virus-Scanned: ClamAV 0.92.1/9320/Sun May  3 02:19:28 2009 on svarog.email.starband.net
X-Virus-Status: Clean
0
Comment
Question by:Tom_Hickerson
1 Comment
 
LVL 11

Accepted Solution

by:
Rob132332 earned 500 total points
ID: 24304458
Hi - have you tried to pop some of the IPs into a site like this one to see what comes up?
http://member.dnsstuff.com/pages/tools.php?ptype=free
Try the WHOIS/IPWHOIS Lookup section.  
Thanks.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
users outlook version on exchange 2010 5 42
MS Office 2013 for purchase 3 43
SBS 20011 to Office 365 7 54
outlook, calendar 3 29
Find out how to use dynamic social media in email signatures with this top 10 DOs & DON’Ts.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now