TRACING THROUGH A SIMPLE HEADER

Original Header:

Received: from mail.rascal-1-2-3.net ([216.44.69.8])
by mtiwgwc04.worldnet.att.net (InterMail v03.02.07 118 124)
with SMTP id <19990514202418.MXAE27324@mail.rascal-1-2-3.net>;
Fri, 14 May 1999 20:24:18 +0000
From: <XXXX@XXXXXXX.XXX>
To: <ZZZ@zzz.zzz>
Date: Fri, 14 May 1999 15:29:11 -0400
Message-ID: <05885312640473202@mail.rascal-1-2-3.net>
Subject: Not-For-Profit Will Help You Pay Debt!
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Relevant Parts of the Header:
To Determine the Sender: Perform a reverse DNS (rDNS) lookup on the IP address shown in brackets in the Received line:
Since no domain name is registered against this IP address in DNS, the next step is to find the owner of the IP block with an IP lookup:
This shows that the IP addresses from 216.44.0.0 through 216.44.255.255 are registered to New York Net. They have leased IP blocks 216.44.68.0 through 216.44.71.255 to Frontline Communications Corporation. The IP address which was used to send this UBE is 216.44.68.8. That falls within Frontline Communications Corporation's IP Block. The next step is to find out who Frontline Communications Corporation is.
Frontline Communications Corporation is fcc.net. Next, check to see if fcc.net has a registered abuse reporting address:
If the ISP is unfamiliar, check its website for an acceptable use policy (AUP). In this case, the AUP is located at: http://www.fcc.net/policy.htm#acceptable. This one is a fairly weak policy that states:
Since there is an AUP and the website indicates that fcc.net is a legitimate ISP and not a spamhaus, forward the offending mail with complete headers to the abuse address.
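
The offline part of this trace, as an added example in Python (not code from the original page): it pulls the connecting IP out of the Received line, builds the name an rDNS query would ask for, and matches the IP against the registration ranges quoted above. The function names and the BLOCKS table are assumptions made for the illustration; the ranges are typed in from the lookup results the page reports, and no network query is made.

```python
import email
import ipaddress
import re

# Header from the page; continuation lines are re-indented (folded) so it parses.
RAW = """\
Received: from mail.rascal-1-2-3.net ([216.44.69.8])
\tby mtiwgwc04.worldnet.att.net (InterMail v03.02.07 118 124)
\twith SMTP id <19990514202418.MXAE27324@mail.rascal-1-2-3.net>;
\tFri, 14 May 1999 20:24:18 +0000
From: <XXXX@XXXXXXX.XXX>
Subject: Not-For-Profit Will Help You Pay Debt!

"""
# Registration ranges as stated on the page: (first, last, registrant).
BLOCKS = [("216.44.0.0", "216.44.255.255", "New York Net"),
          ("216.44.68.0", "216.44.71.255", "Frontline Communications Corporation")]
# "from <claimed name> (<optional rDNS name> [<connecting IP>])"
RECEIVED_RE = re.compile(
    r"from\s+(?P<claimed>\S+)\s+\((?:(?P<rdns>[^\s\[\]()]+)\s*)?\[(?P<ip>[0-9.]+)\]\)")

def parse_received(value):
    """Return (claimed_name, rdns_name_or_None, ip), or None if no usable IP."""
    m = RECEIVED_RE.search(" ".join(value.split()))  # unfold the header first
    if not m:
        return None
    try:
        ip = ipaddress.ip_address(m.group("ip"))
    except ValueError:  # malformed literal such as [999.1.1.1]
        return None
    return m.group("claimed"), m.group("rdns"), ip

def owners(ip):
    """Registrants whose range holds ip, smallest (most specific) block first."""
    hits = []
    for first, last, who in BLOCKS:
        nets = list(ipaddress.summarize_address_range(
            ipaddress.ip_address(first), ipaddress.ip_address(last)))
        if any(ip in net for net in nets):
            hits.append((sum(n.num_addresses for n in nets), who, [str(n) for n in nets]))
    return [(who, cidrs) for _, who, cidrs in sorted(hits)]

def trace(raw):
    """Trace the topmost Received line, the one the recipient's own server added."""
    msg = email.message_from_string(raw)
    hop = parse_received((msg.get_all("Received") or [""])[0])
    if hop is None:
        return None
    claimed, rdns, ip = hop
    return {"claimed": claimed, "rdns": rdns, "ip": str(ip),
            "ptr_query": ip.reverse_pointer, "owners": owners(ip)}
```

The name after "from" is whatever the sending machine claimed; the bracketed IP is what the receiving server recorded, which is why the trace keys on the IP.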