Error - template LAYOUT-DATA-WRAPPER not found

A configuration error was detected in the CGI script; the LAYOUT-DATA-WRAPPER template could not be found.

Error - template STYLE-SHEET not found

A configuration error was detected in the CGI script; the STYLE-SHEET template could not be found.

Error - template SUB-TOP-BANNER not found

A configuration error was detected in the CGI script; the SUB-TOP-BANNER template could not be found.
Subject:
Re: IP address
From:
David Gillett <[log in to unmask]>
Reply To:
PCSOFT - Personal Computer software discussion list <[log in to unmask]>
Date:
Wed, 29 May 2002 23:32:19 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (63 lines) 
On 29 May 2002, at 5:30, Jagpal S.Tiwana wrote:

> If some one send u mail under a fictitious name, and u want to
> find out his IP address, how can u do that.
> Is there a utility which can bring out the I P address

  As an email message gets passed from server to server, most mail-
handling software will add an entry to the "headers" portion of the
message, recording that it handled the message and where it received
it from.  There are two steps to using this information:

1.  Exposing the headers, which most "user friendly" email programs
normally don't display.

2.  Tracking back through these headers to determine the actual
message origin.

  I like to use the facility at http://www.spamcop.net .  There is
information on that site explaining how to retrieve/reveal the
headers using a variety of popular email programs (step 1), and there
is a form you can drop them into which feeds them to a script that
tracks the origin (step 2), looks up the relevant abuse contact info,
and can optionally send a complaint on your behalf.

  The process of tracing back through the headers is complicated by
several issues:

1.  Most modern/good servers record the IP address of the machine
from which they received the message, as well as the name returned
from doing a "reverse DNS" lookup on that address, and also the name
that the machine *claimed* to be.  Some older or misconfigured mail
software doesn't capture all/enough of this information; Verio, for
instance, captures ONLY the claimed name, because they protect anyone
who spams or otherwise anonymously sends to their customers.

2.  AOL used to delete any headers indicating where mail that passed
through their system had originated from.  I'm not sure if they still
do this.

3.  Spammers not only set their machines to claim to be some other
machine, they also sometimes include extra headers to make it look
like they got the message from somewhere else.  The SpamCop script
can often spot and ignore these forged headers, but this is probably
getting harder to do all the time.  (It can still, almost certainly,
do a better job of recognizing trustable header information than you
can.)


  Note also that if the sender is using a dial-up ISP, the IP address
that was assigned to them at the time they sent the message may since
have been assigned to someone else by the time you receive the email.
 If SpamCop is able to locate an "abuse reporting" contact at the
ISP, they could/should be able to determine which one of their
customers had been assigned that Ip address at the time that the
message was sent.

David Gillett

               The NOSPIN Group Promotions is now offering
              Mandrake Linux or Red Hat Linux CD sets along
         with our NOSPIN Power Linux CD...  at a great price!!!
             http://freepctech.com/goodies/promotions.shtml

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG Secured by F-Secure Anti-Virus CataList Email List Search Powered by LISTSERV