| Author | IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
I got the full headers from an email.. but the sender's ip is a bit confusing..
is there someone I PM that can help...
|
 |
| Author | RE: IP from email |
AldarHawk
Member
Posts: 1690
Location: Canada
Joined: 26.01.06
Rank: Hacker Level 1 | |
PM me I will talk to you about it...or MSN/AIM
|
   |
| Author | RE: IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
pm sent
|
|
|
| Author | RE: IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
simply include an image in a mutlipart email so that it gets displayed (assuming that the email client accepts it).
then simply view the access logs and see who pulls that picture.
|
|
|
| Author | RE: IP from email |
AldarHawk
Member
Posts: 1690
Location: Canada
Joined: 26.01.06
Rank: Hacker Level 1 | |
OS: you are talking about phishing...This was about finding out who sent an email.
|
|
|
| Author | RE: IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
if it not to personal, i would like to hear what you came up with?
|
|
|
| Author | RE: IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
doh, i should read the posts more thoroughly.
|
|
|
| Author | RE: IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
here I'll show an example of what i was a little confused about
Received: from 7x.4x.6x.1x (EHLO smtp02.atlngahp.sys.xxxx.net) (7x.4x.6x.1x)
by mta560.mail.mud.yahoo.com with SMTP; Fri, 02 May 2008 10:50:16 -0700
Received: from mail1.xxxxxxx.local (7x.4x.5x.9x.nw.xxxx.net [7x.4x.5x.9x]) by smtp02.atlngahp.sys.xxxx.net (8.13.1/8.13.1) with SMTP id m42HoBbB022972
for <xxx@yahoo.com>; Fri, 2 May 2008 13:50:11 -0400
Received: from ssk1.xxxxxxx.local (unknown [172.16.0.101])
by mail1.xxxxxxx.local (Symantec Mail Security) with ESMTP id 57268140A
for <xxx@yahoo.com>; Fri, 2 May 2008 13:50:11 -0400 (EDT)
Received: from MHxxxx01 ([172.16.0.162]) by ssk1.xxxxxxx.local with Microsoft SMTPSVC(6.0.3790.3959);
Fri, 2 May 2008 13:51:15 -0400
after sorting out a few things I think 7x.4x.5x.9x is the actual IP, and the 172.16.0.101 is a VPN tunnel into their network
tell me what you think or if i'm wrong
|
|
|
| Author | RE: IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
are you using outlook to mange your yahoo account?
|
|
|
| Author | RE: IP from email |
AldarHawk
Member
Posts: 1690
Location: Canada
Joined: 26.01.06
Rank: Hacker Level 1 | |
As I told you in PM CJ, The first one is the ISP's mail server. The second one is the senders IP that was assigned to their Modem (I think this is DSL) the IP would be the send address that the mail server received it from then passed it on to yahoo mail server.
If you want to know more let me know.
|
|
|
| Author | RE: IP from email |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
thanks again for the help aldarhawk, I was just showing the example since some one asked to see it.
@OS, i just used yahoo's web mail thru the browser, and selected full headers on the options
|
|
|
Main:
