DerekS Posted June 23, 2012 Share Posted June 23, 2012 spam link: http://www.spamcop.net/sc?id=z5355407331z8...e04d869163c4f5z Here we have part of a bigger issue of of 419 scammers using free VPN providers to hide their tracks from LE. However in reporting these, I have noticed that the parser does not normally follow through to the source: Received: from [126.96.36.199] by web181306.mail.ne1.yahoo.com via HTTP; Sat, 23 Jun 2012 10:04:16 PDT The parser stops at Yahoo, reporting this to Yahoo. However in the usage of these, that is pretty useless as these issue is nLayer in this case (and most likely AnchorFree downstream) where the scammers are using disposable Yahoo email addresses to spoof banks, lottos, governments etc. This issue also crops up when EgiHosting's services are used (where AnchorFree also has VPNs). Once in a while the parser may track it all the way back, but this is rare. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.