I received an e-mail from 192.244.203.83?

I received an e-mail in Outlook Inbox from USPS Service <status_item@usps.com> with the attachment Label_Parcel_USPS_13-114.zip

However, the ip address in the e-mail message header is 192.244.203.83

How can I find out "who is" or "what is" using 192.244.203.83 on our network?

Thanks for your help.
LessonsLearnedAsked:
Who is Participating?
 
Steven CarnahanNetwork ManagerCommented:
0
 
LessonsLearnedAuthor Commented:
The header information is:

Received: from outlet-web.jp (192.244.203.83) by SD1.sd.local (192.168.1.253)
 with Microsoft SMTP Server id 14.1.218.12; Mon, 9 Apr 2012 12:39:03 -0700
Received: by outlet-web.jp (Postfix, from userid 2)      id DE98084436D; Tue, 10
 Apr 2012 04:38:17 +0900 (JST)
To: <jim@mmpph.com>
Subject: Postal notification
From: USPS Service <status_item@usps.com>
X-Mailer: mPOPWeb-Mail2.19
Reply-To: USPS Service <status_item@usps.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------13340002974F833AA9C4324"
Message-ID: <20120409193817.DE98084436D@outlet-web.jp>
Date: Tue, 10 Apr 2012 04:38:17 +0900
Return-Path: daemon@outlet-web.jp
X-MS-Exchange-Organization-AuthSource: SD1.sd.local
X-MS-Exchange-Organization-AuthAs: Anonymous
0
 
LessonsLearnedAuthor Commented:
Network Solutions Whois states 192.244.203.83 equates to outlet-web.jp

Domain Information:
[Domain Name]                   OUTLET-WEB.JP

[Registrant]                    STB,Inc.

[Name Server]                   01.dnsv.jp
[Name Server]                   02.dnsv.jp
[Signing Key]                  

[Created on]                    2007/06/04
[Expires on]                    2012/06/30
[Status]                        Active
[Last Updated]                  2011/07/01 01:05:05 (JST)

Contact Information:
[Name]                          STB,Inc.
[Email]                         kobayashi@stb-libman.jp
[Web Page]                      
[Postal code]                   441-8113
[Postal Address]                Toyohashi-shi
                                333 Nishimiyuki-cho Aza Hamaike
                                Sience Core 109
[Phone]                         0532-38-6595
0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

 
tobywestonCommented:
This is not an internal IP, it will be coming externally from one of the many spam bots around the world.

Doing an IP lookup will show you roughly where.
0
 
Dave BaldwinFixer of ProblemsCommented:
The first "Received:" line tells you who it came from.  It is just spam.  They faked all the other email addresses.
0
 
LessonsLearnedAuthor Commented:
Thank you very much.  When I pinged 192.244.203.83, I got 4 replies.  I thought that because the IP address began with 192, that it was a computer or device located in my office, but "tobyweston" said it was not an internal IP.
0
 
Steven CarnahanNetwork ManagerCommented:
tobyweston is correct.  Here are the private IP address ranges:

IANA-reserved private IPv4 network ranges Start End No. of addresses
24-bit block (/8 prefix, 1 × A) 10.0.0.0 10.255.255.255 16777216
20-bit block (/12 prefix, 16 × B) 172.16.0.0 172.31.255.255 1048576
16-bit block (/16 prefix, 256 × C) 192.168.0.0 192.168.255.255 65536
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.