
Email Trace

Hi,

Could someone please tell me what is the best way to trace an email to find out its actual source? For example, our company got a spam from an IP, 93.124.1.159. I did a tracert and got the following reply:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

U:\>TRACERT 93.124.1.159

Tracing route to host-93-124-1-159.dsl.sura.ru [93.124.1.159]
over a maximum of 30 hops:

  1     9 ms     2 ms     1 ms  10.15.24.3
  2    <1 ms    <1 ms    <1 ms  10.15.31.147
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5   193 ms   191 ms   192 ms  10.160.99.34
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12     *        *        *     Request timed out.
 13     *        *        *     Request timed out.
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *        *        *     Request timed out.
 26     *        *        *     Request timed out.
 27     *        *        *     Request timed out.
 28     *        *        *     Request timed out.
 29     *        *        *     Request timed out.
 30     *        *        *     Request timed out.

Trace complete.

An expert on Exchange actually gave me the full address and email ID. I was hoping to know how one gets this information.

I am also hoping to know how best to prevent this spam from happening, other than blacklisting the email addresses from which this originated.

Many Thanks,

Rakesh S.

Jon Brelie (System Architect) Commented:
You would need to post the full headers of the message in question.
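
Why the full headers matter, as an added example that is not part of the original thread: each relay prepends a `Received:` line, so the newest hop is on top, and only hops written by your own servers can be trusted. The sample message, hostnames, addresses and the trusted range `10.0.0.0/8` are constructed assumptions.

```python
import email
import ipaddress
import re

# Constructed sample headers (not from the thread); documentation-range addresses.
RAW = """\
Received: from mx1.example.com (mx1.example.com [10.15.24.8])
\tby exch01.example.com with ESMTP id A1; Tue, 3 May 2011 10:00:05 +0100
Received: from unknown (dsl-host.example.net [203.0.113.7])
\tby mx1.example.com with SMTP id B2; Tue, 3 May 2011 10:00:03 +0100
Received: from mail.bank.example ([198.51.100.9])
\tby dsl-host.example.net; Tue, 3 May 2011 09:59:00 +0100
From: "Support" <support@bank.example>
Subject: constructed sample
"""

# Assumption: the organisation's own mail relays live in this range.
TRUSTED_NETS = ["10.0.0.0/8"]
IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def received_ips(raw_message):
    """Return the connecting IP of each Received hop, newest hop first."""
    msg = email.message_from_string(raw_message)
    ips = []
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())          # unfold continuation lines
        from_part = flat.split(" by ", 1)[0]    # the peer the recording server saw
        match = IP_RE.search(from_part)
        if not match:
            continue                            # hop recorded no address
        try:
            ips.append(ipaddress.ip_address(match.group(1)))
        except ValueError:
            continue                            # bracketed text was not an IP
    return ips

def trace_origin(raw_message, trusted_nets=TRUSTED_NETS):
    """Find the first external IP that handed the message to a trusted relay."""
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    hops = received_ips(raw_message)
    for i, ip in enumerate(hops):
        if not any(ip in net for net in nets):
            # Hops below this one were written by servers we do not control.
            return {"handoff_ip": str(ip), "unverified": [str(h) for h in hops[i + 1:]]}
    return {"handoff_ip": None, "unverified": []}

if __name__ == "__main__":
    print(trace_origin(RAW))
```

The `handoff_ip` is the address worth looking up in whois; anything listed under `unverified` was supplied by the sending side and may be forged.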
carlmd Commented:
That IP is in Russia.

 By submitting a query to RIPN's Whois Service
% you agree to abide by the following terms of use:
% http://www.ripn.net/about/servpol.html#3.2 (in Russian)
% http://www.ripn.net/about/en/servpol.html#3.2 (in English).

domain:     SURA.RU
nserver:    ns1.sura.ru. 80.95.32.25
nserver:    ns4.nic.ru.
nserver:    ns8.nic.ru.
state:      REGISTERED, DELEGATED, VERIFIED
org:        Penza subsidiary of JSC "Rostelecom"
phone:      +7 8412 520208
phone:      +7 8412 660484
fax-no:     +7 8412 523688
fax-no:     +7 8412 520687
e-mail:     pvg@penza.net
e-mail:     zx@sura.ru
e-mail:     tva@penza.net
e-mail:     o.volgina@sura.ru
registrar:  RU-CENTER-REG-RIPN
created:    1999.02.10
paid-till:  2012.03.01
source:     TCI

Last updated on 2011.05.03 21:20:46 MSK/MSD


We use VisualRoute for this.
rax2473 (Author) Commented:
A good answer and one that was enriching in the information provided.