Results 1 to 8 of 8

Thread: Technical Assistance needed

  1. #1
    Join Date
    Sep 2008
    Location
    Central Florida
    Posts
    5,576
    Thanked: 35

    Default Technical Assistance needed

    Does anyone know how to track an email back to its sender or IP address? We've got a nasty one going around at church & need to get to the bottom of this thing.
    Shanon, Squammy to...




  2. #2
    Join Date
    Sep 2008
    Location
    New York
    Posts
    43,984
    Thanked: 21576

    Default Re: Technical Assistance needed

    Quote Originally Posted by Legomom
    Does anyone know how to track an email back to its sender or IP address? We've got a nasty one going around at church & need to get to the bottom of this thing.
    UGH.....here try this, and then I will notify a couple of people that are quite computer savvy that may be able to help you....
    http://whatismyipaddress.com/trace-email

  3. #3
    Jackie in Tampa is offline Left TSB to start her own Board
    Join Date
    Feb 2008
    Location
    NA
    Posts
    23,474
    Thanked: 20

    Default Re: Technical Assistance needed

    get'em Shannon!
    and at church no less....

  4. #4
    Join Date
    Aug 2006
    Location
    Over the hills and far away.
    Posts
    12,278
    Thanked: 1220

    Default Re: Technical Assistance needed

    Need as much information about the email as possible. Or the IP address, if you have it. It should look like eg. 174.6.21.135, or 4 sets of one to three numbers. If you have that, you can put it into a utility such as http://whatismyipaddress.com/ and have a fair idea of where the ip is connecting.
    https://thesquirrelboard.com/forums/signaturepics/sigpic929_1.gif

  5. #5
    Milo's Mom's Avatar
    Milo's Mom is offline Permitted Pennsylvania Wildlife Rehabilitator
    Join Date
    Jun 2010
    Location
    Auntie MM's Boutique
    Posts
    16,216
    Thanked: 7796

    Default Re: Technical Assistance needed

    If you have the IP address you can learn & cannot learn:
    • Which internet service provider (ISP) the user is using. In some cases this may be the user's company (e.g. Ford.com). In other cases it may be just one of the large ISPs such as ATT or Comcast.
    • The approximate physical location of the user (e.g. Palo Alto, California.)
    • Recognize that usually you will not learn the actual name of the person doing at that IP address (e.g. Joe Smith). ISPs will typically only release such information under a court order.

    Do you have the e-mail address or the IP address or both?

    There are LOTS of websites that will allow you to look up an IP address information. Do a Google search on "IP Geolocation" to get a list of them. Most sites offer it for free.

    Top-quality custom cage gear, accessories, blankets, & toys.
    Boutique items are fun, unique, and anything but ordinary.

    TSB thread: Auntie MM's Custom Boutique Website: https://auntiemmscb.square.site/ Facebook: Auntie MM's Facebook Page



  6. #6
    Join Date
    Sep 2008
    Location
    Central Florida
    Posts
    5,576
    Thanked: 35

    Default Re: Technical Assistance needed

    Ok, I've got the email address it was sent from, the reply to email address & the whole header, which includes the IP.

    fls_de_enrollment_committee@zoho.com (came from this email)
    FLS_De-enrollment_Committee@hmamail.com (reply to email)
    172.29.249.242 (IP)
    72.5.230.95 (this also came back from the header info)

    I entered the header into the website Nancy gave & I'm not quite comprehending this....it came from Menlo Park, CA???




    Here's the info that I copied from the email header:

    Return-Path: <fls_de_enrollment_committee@zoho.com>
    Received: from sender1.zohomail.com (sender1.zohomail.com [72.5.230.95])
    by mtain-de06.r1000.mx.aol.com (Internet Inbound) with ESMTP id 9717338000088;
    Sat, 9 Jun 2012 04:58:52 -0400 (EDT)
    DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
    s=zapps768; d=zoho.com;
    h=date:from:to:message-id:subject:mime-version:content-type:user-agent;
    b=vdg24IOwXgJDRrfqsG8tZpC6ekoQaN0+4nSb+/cH/8G2q+lM6naCRvRy79JHYCDcC6/ln8KHcQIw
    4JUtlo//niH1RU6cA8UK0afJP5lAqhSCxL2VD9ZI68zFXtAwp5qX
    Received: from 172.29.249.242 (172.29.249.242 [172.29.249.242]) by mx.zohomail.com
    with SMTP id 1339232326415602.837157957815; Sat, 9 Jun 2012 01:58:46 -0700 (PDT)
    Date: Sat, 09 Jun 2012 01:58:45 -0700
    From: fls_de_enrollment_committee <fls_de_enrollment_committee@zoho.com>
    To: Message-ID: <137d07790d0.-6089382857875477959.4933731321528393586@zoho.com>
    Subject: RE: FLS Board of Education Student De-Registration Drive
    MIME-Version: 1.0
    Content-Type: multipart/mixed;
    boundary="----=_Part_53988_749812851.1339232325814"
    X-Priority: Medium
    User-Agent: Zoho Mail
    X-Mailer: Zoho Mail
    X-Zoho-Virus-Status: 1
    x-aol-global-disposition: G
    X-AOL-VSS-INFO: 5400.1158/81371
    X-AOL-VSS-CODE: clean
    x-aol-sid: 3039ac1d40ce4fd3104c5e71
    X-AOL-IP: 72.5.230.95
    X-AOL-SPF: domain : zoho.com SPF : pass
    Last edited by Nancy in New York; 06-11-2012 at 08:38 PM.
    Shanon, Squammy to...




  7. #7
    Join Date
    Nov 2011
    Location
    Oviedo , Florida
    Posts
    6,841
    Thanked: 21

    Default Re: Technical Assistance needed

    you can be anywhere and route email from another address, need some one who can hack the account.
    Just like faxing, we would fax a # to NJ and it wound up being sent to California.
    scam-er can do all kinds of things, be careful what you open , it can blow up your computer, or a worm cam destroy everything.

    Simon's video http://www.youtube.com/watch?v=Mzpwo0r35l0

    “Until one has loved an animal, a part of one's soul remains unawakened.”
    ― Anatole France

  8. #8
    Milo's Mom's Avatar
    Milo's Mom is offline Permitted Pennsylvania Wildlife Rehabilitator
    Join Date
    Jun 2010
    Location
    Auntie MM's Boutique
    Posts
    16,216
    Thanked: 7796

    Default Re: Technical Assistance needed

    Just by looking at what you posted it appears that the person or bot sending the e-mail is using a mail service called Zoho Mail (there is really a service called by this name) and it appears that the ISP is AOL.

    The Zoho website has contact information listed...maybe if you contact them they can determine if it is a bot and possibly they can stop it from sending.

    Top-quality custom cage gear, accessories, blankets, & toys.
    Boutique items are fun, unique, and anything but ordinary.

    TSB thread: Auntie MM's Custom Boutique Website: https://auntiemmscb.square.site/ Facebook: Auntie MM's Facebook Page



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •