Sunday, June 7, 2009

2nd Spam Mail [Subject : (no subject)]


This is the 2nd Spam i wish to explain about. Like in the previous spam mail, The Spam mail is sent from the same server "NAC.NET". The Header of the original mail is given below:

----------------------------------------------------------------------------

Delivered-To: ##########@gmail.com
Received: by 10.229.91.76 with SMTP id l12cs43351qcm;
Thu, 4 Jun 2009 18:38:58 -0700 (PDT)
Received: by 10.224.11.72 with SMTP id s8mr3051526qas.185.1244165936130;
Thu, 04 Jun 2009 18:38:56 -0700 (PDT)
Return-Path:
Received: from ip48.reprohit.com (ip48.reprohit.com [64.21.165.48])
by mx.google.com with SMTP id 12si3315459qyk.29.2009.06.04.18.38.56;
Thu, 04 Jun 2009 18:38:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of n.267.5901807@reprohit.com designates 64.21.165.48 as permitted sender) client-ip=64.21.165.48;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of n.267.5901807@reprohit.com designates 64.21.165.48 as permitted sender) smtp.mail=n.267.5901807@reprohit.com
Date: Thu, 04 Jun 2009 21:26:06 -0400
From: "healthy legs"
To: ##########@gmail.com
Subject:
MIME-Version: 1.0
X-Mailer: xyf v8.3.4.1000.5901807
Reply-To: r.267.5901807@reprohit.com
Message-Id: <20090604180006.fnatipsdca@reprohit.com>
Content-Type: multipart/alternative;
boundary="=_23657ff2a4c51a224d3eddc716ae9305"
------------------------------------------------------------------------------

As per this Header, this email is sent from "REPROHIT.COM", but From DNSCHART IP Whois Report the IP Address "64.21.165.48" doesn't match with Domain. The actual Domain name of the IP address was "NAC.NET", Like i said in my previous email.

I determined the Location of the server by using DNSCHART.COM and IPLIGENCE.COM, Like i did in my previous post. Also my blog visitors can use the Header of the email to make a try to trace the Spammer location.

No comments:

Post a Comment