Email header question
Posted on 2010-09-14
I have a user getting 10 - 20 spam emails a day that are not getting detected by the Vipre Email Security on their SBS box. The subject and the body are about 4 letters long. Is there a way to better trace this to be able to stop it? There are also X-AntiAbuse fields in this header that I am not familiar with.
I have traced the first IP address to Indonesia but how should I proceed?
Any help would be greatly appreciated.
Microsoft Mail Internet Headers Version 2.0
X-Ninja-PIM: Scanned by Ninja
Received: from mop100.hostmop.com ([126.96.36.199]) by ars-llc.com with Microsoft SMTPSVC(6.0.3790.3959);
Fri, 3 Sep 2010 02:37:05 -0400
Received: from gspiacid by mop100.hostmop.com with local (Exim 4.69)
for email@example.com; Fri, 03 Sep 2010 13:37:04 +0700
X-PHP-Script: gsp-international.ac.id/xern.php for 188.8.131.52
From: remo <firstname.lastname@example.org>
Date: Fri, 03 Sep 2010 13:37:04 +0700
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - mop100.hostmop.com
X-AntiAbuse: Original Domain - mydomain.com
X-AntiAbuse: Originator/Caller UID/GID - [674 671] / [47 12]
X-AntiAbuse: Sender Address Domain - mop100.hostmop.com
X-OriginalArrivalTime: 03 Sep 2010 06:37:06.0374 (UTC) FILETIME=[6D42E660:01CB4B32]