Question

Identifying the source of spam from 'received' headers

I am trying to identify the source of a persistent spammer to my Hotmail account. I want to paste the message source information here to clear up a few questions I have regarding it. Is this NOT a good idea since it will make my IP number public....? -
Also regarding the message source info, before I paste it, the last IP number registered (i.e. first in the message itself) is not the same as my own IP number - how can this be so.
Additionally I have identified the IP of the spammer from the message source info - how do I go about reporting this to the relevant ISP to have the spammer removed from their service.
Lastly, in a different spam message the last IP (the one which I believe should be mine given it is the same listed last in all my other emails - though why it doesn't appear to be the correct one is a question I have already asked) is, for whatever reason, not the IP address which appears to be my own, but a different one - mine appears second to last. Is there a possibility someone has managed to highjack or mimick my IP and server so that I appear to be the source of spam to unwitting other email account users and also how could they then make sure that some other IP address is listed as the last recipient of the email, and thus the one anyone who checked the message source would be the apparent certifiable IP address.

Thanks in advance for any answers

mikkymouse999

Discussion is locked

Follow
Reply to: Identifying the source of spam from 'received' headers
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Identifying the source of spam from 'received' headers
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Answer
Usually a dead end.

Why? They could be on a VPN, spoofing or something else. Just add them to your spam blocker and leave it at that.

There are too long discussions about spoofing, bouncing and more about email that we would be back to research and rehashing all this. If you want to dive into forensic email tracing, you have a lot to research now. But what I'm seeing is few if any will join you on this quest as it's an old quest.

- Collapse -
Spam from a common source + tracking it is only option

The reason I asked the question in my last post is because the spam/phishing attempts are from a common source - this is identifiably so because in every spam message a sequence of text has a dotted line beneath it and highlighted in blue so as to present itself ostensibly as a link. If one does click on the link you are almost always taken to CV Library - but I would suspect at the same time a load of my computer, and perhaps, personal info, is simultaneously phished. It is my firm belief that the person who is spamming me has been/Is still tracking my actions having hacked my email/hacked the accounts I hold with several job websites/gotten hold of my IP number - or a combination of these outcomes given that the spam messages I get come from multiple supposed employers who advertise on the job websites I am registered with yet contain all the same tell tale signs described above.
Given all of this I am pretty sure I am facing one determined phisher/spammer - hence my attempt to trace him. I have followed some of the links regarding this in some other discussions on CNET (livewire.com and about.com were the best) - if you could I would be most appreciative if you could recommend some other links/web pages where I could continue my research or other discussions/questions on CNET where this sort of issues has already been discussed as, I'm sure you can tell, I am determined to get my adversery out of my email account.
Thanks

mikkymouse999

- Collapse -
I don't find anyone helping folk "trace" such.

A lot of reasons why. Not that someone might join you but I have reasons to never do this. Mostly because in tracing I may reveal my connection and get a DOS attack going. No fun in that. So my advice is to get it into your spam block list and let it die there.

But again you have folk that are determined and won't accept that. So your quest is to find someone to join you but I don't see that happening today on any forum. I can't guess why. I can only share you are in a well worn area with a lot to research and learn. To me, it's easier to add them to the spam blocker rules and go back to work or having fun again.

- Collapse -
Am beyond the point where blocking/reporting is effective.

I have already marked as spam all of the junk I am getting and/or reported it as phishing scam - the stuff just keeps on coming. I've also set filters as much as is appropriate but the problem is whoever is sending me all the nonsense has, other than leaving the tell-tale link described in my previous post, quite expertly mimicked genuine companies and employment agencies so reading the subject line alone is not enough to distinguish the false from the genuine - hence I am at the point where I feel tracing is my last option.
I appreciate the advice I am looking for is quite niche (do I detect a hint of sarcasm in your reply?!) but as mentioned the usual measures to stop the spam aren't working - again, at risk of repeating myself, are there any online resources you or anyone can recommend to tackle this problem.
Regards what has been posted before on CNET - some anti-spam programmes do look as if they might help from what others have written (eg, spamcop, mailwasher) but they are from posts written years ago - the current spamcop website for instance looks decidedly takky and some pages won't even load. Any recommendations for the latest most reliable anti-spam programmes?
Thanks again in advance for answers.

mikkymouse999

- Collapse -
Answer
We are at a few posts

But I don't have anything tangible or solid to work with. But let's go with you are using Thunderbird. Web mail is not going to work here. It just won't and I will not acknowledge that rabbit hole exists.

http://forums.mozillazine.org/viewtopic.php?f=39&t=2860301 kicks around Thunderbird and how it may sort email after it's downloaded.

NOW HERE'S THE THING. There have been folk that want the email to not be downloaded at all. This sort of telepathic software is not possible today. Read the link again where this is noted.

To implement this filter is up to you. I can't write these for you. But there is an one size fits all that a friend hard hit with spam and he refused to write filters etc. What did he do? All email that didn't contain the magic word, would be deleted. He had to do this in order to reign in all the spam.

It worked.

CNET Forums

Forum Info