|
30-05-2007, 15:31
|
#1 |
|
Goes up to 11!
Join Date: Jul 2006
Posts: 4,577
|
Narrow this ip down please
I have just had spoof emails from this address
84.9.98.177 its a bulldogdsl customer. From here I am stuck, are you able to find a username or a registered owner from this? I guess that I will need to contact bulldogdsl, but other than a whois... is there anything else I can do do work out who they are. I wouldn't normally bother but this is spam to my work address impersonating me, so I am taking this very seriously. edit:- narrowed it down to a bulldog line at Lambeth palace road, near st thomas hospital Last edited by Zirax; 30-05-2007 at 15:34. |
|
|
|
30-05-2007, 15:35
|
#2 |
|
The Stig
Join Date: Jun 2006
Location: Swad!
Posts: 10,713
|
abuse@cw-access.com is the only contact I can find, and probably your first port of call (you'd think it'd be abuse@bulldogdsl.com :/). Beyond that it's Bulldog's info to give out.
__________________
apt-get moo |
|
|
|
|
30-05-2007, 15:36
|
#3 |
|
BBx woz 'ere :P
Join Date: Jan 1970
Posts: 2,147,487,208
|
Just email to the abuse dept of bulldog. That's the best thing you can do. Unless you want to post all the header information of the email here/
__________________
No No! |
|
|
|
|
30-05-2007, 15:38
|
#4 |
|
Goes up to 11!
Join Date: Jul 2006
Posts: 4,577
|
Yeah I spotted the cw address to mail. I just wondered if there was anything that the networking guru's could do. I guess that its a dynamically assigned ip that only bulldog would know what customer it was. Now I know its hotmail, but the work emails were ones that no one would know unless they knew me
edit:- Microsoft Mail Internet Headers Version 2.0 Received: from ukacpx001.uk.int.atosorigin.com ([157.203.148.208]) by UKACPX004.uk.int.atosorigin.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 30 May 2007 13:46:54 +0100 Received: from ukacpr005.uk.int.atosorigin.com ([157.203.148.177]) by ukacpx001.uk.int.atosorigin.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 30 May 2007 13:46:54 +0100 Received: from mailrelay01.uk.atosorigin.com (unverified) by ukacpr005.uk.int.atosorigin.com (Clearswift SMTPRS 5.2.9) with ESMTP id <T7fe9a5f6369dcb94b145c@ukacpr005.uk.int.atosorigin .com>; Wed, 30 May 2007 13:46:54 +0100 Received: from smtp1.mail.atosorigin.com ([160.92.103.80] helo=mail01.mail.atosorigin.com) by mailrelay01.uk.atosorigin.com with esmtp (TLSv1  ES-CBC3-SHA:168)(Exim 4.32) id 1HtNur-0003Gx-5y; Wed, 30 May 2007 14:08:41 +0100 Received: from filter.atosorigin.com (localhost [127.0.0.1]) by mail01.mail.atosorigin.com (SMTP Server) with ESMTP id AD38B24055C6; Wed, 30 May 2007 14:46:46 +0200 (CEST) Received: from bay0-omc2-s3.bay0.hotmail.com (bay0-omc2-s3.bay0.hotmail.com [65.54.246.139]) by mail01.mail.atosorigin.com (SMTP Server) with ESMTP id 2C4CE24055C2; Wed, 30 May 2007 14:46:43 +0200 (CEST) Received: from hotmail.com ([64.4.17.21]) by bay0-omc2-s3.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Wed, 30 May 2007 05:45:38 -0700 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 30 May 2007 05:45:37 -0700 Message-ID: <BAY111-F11BA5634E9B0C51A6B7DB4B32E0@phx.gbl> Received: from 64.4.17.200 by by111fd.bay111.hotmail.msn.com with HTTP; Wed, 30 May 2007 12:45:32 GMT X-Originating-IP: [84.9.98.177] X-Originating-Email: [feederfan@hotmail.com] X-Sender: feederfan@hotmail.com From: "Matt -" <feederfan@hotmail.com> To: Various personal addys Cc: Various work addys Subject: PLEASE READ: Important Info Date: Wed, 30 May 2007 12:45:32 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed X-OriginalArrivalTime: 30 May 2007 12:45:37.0764 (UTC) FILETIME=[6C474240:01C7A2B8] X-fed-spamrating: -1.400000 X-fed-spam: not-spam X-UKAO-MailScanner-Information: Please contact the ISP for more information X-MailScanner-From: feederfan@hotmail.com Return-Path: feederfan@hotmail.com Last edited by Zirax; 30-05-2007 at 15:40. |
|
|
|
|
30-05-2007, 15:38
|
#5 |
|
The Last Airbender
Join Date: Jun 2006
Location: Pigmopad
Posts: 11,915
|
Depends on if it's a dynamic IP as to whether you'll get anywhere with this.
I've done a google search for the IP and it shows up as a few posts on a London Group Ruby website. Probably not much help though. If it is a dynamic IP, I think your only action is to inform Bulldog.
__________________
|
|
|
|
|
30-05-2007, 15:41
|
#6 |
|
Preparing more tumbleweed
Join Date: Jun 2006
Location: Hawaii
Posts: 6,038
|
Wouldn't be able to do it to anything closer than their nearest pop router. For example if you trace through to my home IP address you can figure out we're off the Poplar pop router for Virgin, but we're actually quite a distance from there.
Even fixed IPs on leased lines are often crap, you can only ever figure it out from the ISPs pop router stuff.
__________________
Mal: Define "interesting"? Wash: "Oh, God, oh, God, we're all gonna die"? |
|
|
|
|
30-05-2007, 15:44
|
#7 |
|
Goes up to 11!
Join Date: Jul 2006
Posts: 4,577
|
Ok thanks all really appreciated. I will follow this up with the abuse department and see what they say. Might not go anywhere but we will see
|
|
|
|
|
30-05-2007, 16:14
|
#8 |
|
The Stig
Join Date: Jun 2006
Location: Swad!
Posts: 10,713
|
For what consolation it is, this is quite common these days. I get emails from 'myself' every week. Though they're getting caught by the spam filter more as days go by.
__________________
apt-get moo |
|
|
|
|
30-05-2007, 17:43
|
#9 |
|
Goes up to 11!
Join Date: Jul 2006
Posts: 4,577
|
Oh if it was a generic one then thats fine really, but it was to people who I have directly worked with, most odd. Still knowing them they wouldn't believe it anyway
|
|
|
|
Linear Mode
