Jump to content

No source IP address found, cannot proceed!


Recommended Posts

2 hours ago, Outernaut said:

https://www.spamcop.net/sc?id=z6708342598za3c1a7e1620502b088a404a350ad0835z

The tracking URL seems to be missing an IP on the Received line.  Without that IP, it cannot proceed to report such IP.

Received: from esteemcom by elm.nocdirect.com with local (Exim 4.93)
	(envelope-from <info@domainregistrationcorp.com>)
	id 1lT0m1-0006Jl-Cb
	for x; Sun, 04 Apr 2021 07:18:33 -0400

 

Link to comment
Share on other sites

1 hour ago, gnarlymarley said:

The tracking URL seems to be missing an IP on the Received line.  Without that IP, it cannot proceed to report such IP.


Received: from esteemcom by elm.nocdirect.com with local (Exim 4.93)
	(envelope-from <info@domainregistrationcorp.com>)
	id 1lT0m1-0006Jl-Cb
	for x; Sun, 04 Apr 2021 07:18:33 -0400

 

Seem to be from Outernaut's internal network?

Link to comment
Share on other sites

18 hours ago, petzl said:

Seem to be from Outernaut's internal network?

Not quite. After reviewing @gnarlymarley and checking again, it may be they used a contact form. The form did not have any captcha so I put a non-invasive invisible captcha on. We'll see.

 

Thanks to you both for your asistance,

~o~

Link to comment
Share on other sites

1 hour ago, Outernaut said:

After reviewing @gnarlymarley and checking again, it may be they used a contact form.

If it was a contact form, you should be able to look up the IP in the http logs.  It would be good to have the form add some email headers, such as a "Received:" header that has the IP, hostname, and protocol, just like your email server does.  Another header maybe something like "X-WebForm:".

Also, I would expect the receiving email server to show the IP of the server with the contact form.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...