Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

IP Address Help, Please!

by hakechrr Jun 24, 2007 6:38AM PDT

I am looking for some help from all the computer pro's out there. I am head of a homeowners association and there is this guy who we kicked off the Board for about 50 different reasons. We have a community message board, which he was kicked off as well, but what I think it happening, is he is making new accounts, posing as other people in the community, and then trashing the HOA Board with all the same arguments. I got a hold of a couple emails he send and turned on my hotmail option to see all the email info. Below is three emails, the first being from his real account to me, the send is from his wife to me (so we know these two came from the same computer) and the third is supposed to be this ?new guy?. Can anyone with experience in this look at this and tell if all the emails came from the same computer? Please see each email is sent from 75.51.224.67..Does this mean they are come from the same computer?

1:
MIME-Version: 1.0
Received: from smtp120.sbc.mail.sp1.yahoo.com ([69.147.64.93]) by bay0-mc1-f7.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Mon, 18 Jun 2007 14:02:33 -0700
Received: (qmail 48613 invoked from network); 18 Jun 2007 21:02:33 -0000
Received: from unknown (HELO B27FB1C401) (XXXXXXX@sbcglobal.net@75.51.224.67 with login) by smtp120.sbc.mail.sp1.yahoo.com with SMTP; 18 Jun 2007 21:02:32 -0000

2:
Received: from 207.115.20.172 (EHLO flpi132.sbcis.sbc.com) (207.115.20.172) by mta103.sbc.mail.re3.yahoo.com with SMTP; Sat, 23 Jun 2007 19:22:44 -0700
Received: from web36702.mail.mud.yahoo.com (web36702.mail.mud.yahoo.com [209.191.85.36])by flpi132.sbcis.sbc.com (8.13.8 inb/8.13.Cool with SMTP id l5O2MYjS007013for ; Sat, 23 Jun 2007 19:22:35 -0700
Received: (qmail 40363 invoked by uid 60001); 24 Jun 2007 02:22:43 -0000
Received: from [75.51.224.67] by web36702.mail.mud.yahoo.com via HTTP; Sat, 23 Jun 2007 19:22:43 PDT

3:
Received: from 207.115.36.61 (EHLO nlpi032.sbcis.sbc.com) (207.115.36.61) by mta103.sbc.mail.mud.yahoo.com with SMTP; Fri, 22 Jun 2007 14:29:23 -0700
Received: from web59305.mail.re1.yahoo.com (web59305.mail.re1.yahoo.com [66.196.101.46])by nlpi032.sbcis.sbc.com (8.13.8 inb/8.13.Cool with SMTP id l5MLSoPW016541for ; Fri, 22 Jun 2007 16:28:50 -0500
Received: (qmail 14944 invoked by uid 60001); 22 Jun 2007 21:29:22 -0000
Received: from [75.51.224.67] by web59305.mail.re1.yahoo.com via HTTP; Fri, 22 Jun 2007 14:29:22 PDT

Any help would really be appricated.

Discussion is locked

3 Posts
- Collapse + Expand Details
- Collapse -
No
by jackson dougless Jun 24, 2007 7:07AM PDT

Email headers can be forged, and are not reliable. But the more important thing here is what do you hope to accomplish should you actually prove that all three messages were from the same person?

- Collapse -
Re: ip-address
by Kees Bakker Jun 24, 2007 7:29AM PDT

whois.arin.net (a whois server, http://ws.arin.net/cgi-bin/whois.pl) tells me that this IP-address is managed by AT&T Internet services. So it's one of their customers. Does that help you?
If you get a search warrant they'll tell who is behind it.

Search results for: 75.51.224.67

AT&T Internet Services SBCIS-SBIS-6BLK (NET-75-0-0-0-1)
75.0.0.0 - 75.63.255.255
PPPoX Pool - rback7.ipltin-1162879261.1164400 SBCIS-110706070912 (NET-75-51-224-0-1)
75.51.224.0 - 75.51.227.255

# ARIN WHOIS database, last updated 2007-06-23 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

- Collapse -
Actually, if it is worth your time and ....
by Edward ODaniel Jun 24, 2007 7:37AM PDT

money you could possibly get SBCGLOBAL.NET to verify the origin of the emails (their servers would have logged them).

It would appear from the address that the user was located in or near Meridian Hills if that helps.

As was noted, IP spoofing is always a possibility as is the potential use of a zomby node for the actual logged origin of an email.

Doesn't your board have the capability for selectively banning IP addresses? If so that is a route to take.

Back to Computer Help forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info