biripada

  1. biripada

    Trace SPAMMER

    Thanks all.
  2. biripada

    Trace SPAMMER

    Thanks Farelf and petzl. None of the IPs present in the header is present in the log. If the source IP (our IP) is correctly mentioned here, I should have got an entry for "Received: from MY_SERVER_IP by webmail-va085.sysops.aol.com (149.174.103.88)". Yes, in CBL our IP was listed 1 week ago, but for a Conficker issue, not for spamming. I was able to track the user and blocked the user from the information CBL provided. So it means anybody can provide a report to SpamCop with a forged source IP. The problem is my ISP is putting pressure on me. Thank you
  3. biripada

    Trace SPAMMER

    Hi All, I provide a proxy service, and one user sent SPAM MAIL using our service; below is that mail header. I have iptables logging enabled, and there is no issue with it: I verified it, and it is giving correct results for other abuse cases like CBL etc. The report below says a connection was made from MY_SERVER_IP to 149.174.103.88 at the given time. But in the iptables log I don't see any connection made to this IP, 149.174.103.88. Am I taking the correct destination IP from the following header? Please help. I need to trace the user who spammed. Thank you

    =====================
    Received: from core-lga05d.mail.aol.com (core-lga05.mail.aol.com [10.76.11.5])
        by mtaomg-aai02.mx.aol.com (OMAG/Core Interface) with ESMTP id E234338000082;
        Wed, 5 Nov 2014 16:00:39 -0500 (EST)
    X-MB-Message-Source: WebUI
    Subject: PLEASE I NEED YOUR URGENT ATTENTION
    X-MB-Message-Type: User
    MIME-Version: 1.0
    From: xxxxtopher Edward <xxxxtopher.edward2[at]aol.co.uk>
    Content-Type: multipart/alternative; boundary="--------MB_8D1C752AFAE926C_1104_10EFB3_webmail-va085.sysops.aol.com"
    X-Mailer: AOL Webmail STANDARD
    Received: from MY_SERVER_IP by webmail-va085.sysops.aol.com (149.174.103.88)
        with HTTP (WebMailUI); Wed, 05 Nov 2014 16:00:38 -0500
    Message-Id: <8D1C__________________C11D[at]webmail-va085.sysops.aol.com>
    X-Originating-IP: [MY_SERVER_IP]
    Date: Wed, 5 Nov 2014 16:00:38 -0500
    x-aol-global-disposition: S
    X-spam-FLAG: YES
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com; s=20140625; t=1415221249;
        bh=SID3WEUl/Mm/0P3neBBy7O/tQSr64ExaJ7aerAb5RaU=;
        h=From:Subject:Message-Id:Date:MIME-Version:Content-Type;
        b=b82VXaKg4vUytw0XjcB4T7bY6IexhDQJJIJufiq1K+Up4e7KjZ97660dgTakwqpBw
        s8PsYE+PusDtRfA7QruuT0Fx8ZCOsqeoOxqhcTrcmAtVKf+xiG1M+C1eb0IzV4AecD
        kbFEeD1QNN4axIRvTGnNRzdDW9r2tUk3DKQRekC8=
    X-AOL-REROUTE: YES
    x-aol-sid: 3039ac1b0264545a8ff7727f
    X-spam-Score: 15.9/5
    ======================================================
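
Added example, not part of biripada's posts: a Python sketch that pulls the `Received:` hops out of the header quoted above, picks the hop AOL's webmail host recorded "with HTTP", and turns its timestamp into a UTC search window for a firewall log. The function names and the 120-second clock-skew allowance are assumptions made for illustration; `MY_SERVER_IP` is the poster's own redaction.

```python
import re
from datetime import timedelta, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Two Received: lines copied from the header in the post; the rest is omitted.
SAMPLE = """\
Received: from core-lga05d.mail.aol.com (core-lga05.mail.aol.com [10.76.11.5])
 by mtaomg-aai02.mx.aol.com (OMAG/Core Interface) with ESMTP id E234338000082;
 Wed, 5 Nov 2014 16:00:39 -0500 (EST)
Received: from MY_SERVER_IP by webmail-va085.sysops.aol.com (149.174.103.88)
 with HTTP (WebMailUI); Wed, 05 Nov 2014 16:00:38 -0500
X-Originating-IP: [MY_SERVER_IP]

"""

# "from <src> ... by <host> ... with <protocol>" as written by the receiving host.
HOP = re.compile(
    r"from\s+(?P<src>\S+).*?\bby\s+(?P<by>\S+).*?\bwith\s+(?P<proto>\S+)", re.S)

def received_hops(raw):
    """Return one dict per Received: header, newest first, with a UTC time."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        route, _, stamp = value.rpartition(";")   # the date follows the last ';'
        m = HOP.search(route)
        if not m:
            continue
        stamp = re.sub(r"\([^)]*\)", "", stamp).strip()   # drop "(EST)" comments
        when = parsedate_to_datetime(stamp).astimezone(timezone.utc)
        hops.append({**m.groupdict(), "utc": when})
    return hops

def http_hops(raw):
    """Hops a webmail front end recorded as arriving over HTTP, not SMTP."""
    return [h for h in received_hops(raw) if h["proto"].upper() == "HTTP"]

def search_window(hop, skew_seconds=120):
    """UTC interval to search in the firewall log (skew is an assumed value)."""
    delta = timedelta(seconds=skew_seconds)
    return hop["utc"] - delta, hop["utc"] + delta

if __name__ == "__main__":
    for hop in http_hops(SAMPLE):
        start, end = search_window(hop)
        print(hop["src"], "->", hop["by"], start.isoformat(), end.isoformat())
```

The window is in UTC, so log timestamps kept in the server's local time need converting before they are compared.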