origin of this email

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Software -> Security & Privacy

Bump Topic Add Reply RSS Feed

Outline · [ Standard ] · Linear+

origin of this email, can anyone tell from email header

views

TScmleow	Jul 28 2015, 09:22 PM, updated 11y ago Show posts by this member only \| Post #1
New Member Junior Member 33 posts Joined: Dec 2006	good day, wondering if any expert here can tell me where is the origin/sender base on the email header below? I am getting unstoppable spam from this sender. ------------------------------------- Delivered-To: flxoffice@gmail.com Received: by 10.112.173.68 with SMTP id bi4csp2281042lbc; Tue, 28 Jul 2015 05:55:43 -0700 (PDT) X-Received: by 10.60.37.166 with SMTP id z6mr33410485oej.63.1438088143188; Tue, 28 Jul 2015 05:55:43 -0700 (PDT) Return-Path: <felxcofficesvr26@server26.dns-server-ip.net> Received: from server26.dns-server-ip.net (119.81.1.194-static.reverse.softlayer.com. [119.81.1.194]) by mx.google.com with ESMTPS id fp17si791851pac.179.2015.07.28.05.55.42 for <flxoffice@gmail.com> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 28 Jul 2015 05:55:43 -0700 (PDT) Received-SPF: neutral (google.com: 119.81.1.194 is neither permitted nor denied by best guess record for domain of felxcofficesvr26@server26.dns-server-ip.net) client-ip=119.81.1.194; Authentication-Results: mx.google.com; spf=neutral (google.com: 119.81.1.194 is neither permitted nor denied by best guess record for domain of felxcofficesvr26@server26.dns-server-ip.net) smtp.mail=felxcofficesvr26@server26.dns-server-ip.net Received: by server26.dns-server-ip.net (Postfix, from userid 10177) id 6EDA96D5C28; Fri, 24 Jul 2015 08:38:44 +0800 (MYT) To: flxoffice@gmail.com Subject: çº¿ä¸Šæ”¯ä»˜å°½äº« 1%è´´å¿ƒå›žé¦ˆï¼Œèµ„é‡‘æ›´æœ‰ä¿éšœï¼› æ¾³é—¨å¾ˆæ¼‚äº®ï¼Œæ‚¨ä¸æƒ³æ¥é€›é€›å—ï¼Ÿå¦‚æžœå› ä¸ºæ²¡é’±ï¼Œé‚£å°±æ¥æ¾³é—¨é‡‘æ²™é›†å›¢ www.919991.comæ·˜é‡‘å§ï¼0é—¨æ§›0é£Žé™©0æˆæœ¬ï¼Œç®€å•æ³¨å†ŒæˆåŠŸå°±èƒ½å…è´¹æˆä¸ºé«˜çº§ä¼šå‘˜ã€‚ ã€Šæ¾³é—¨é‡‘æ²™é›†å›¢ã€‹è®©æ‚¨è¶³ä¸å‡ºæˆ·ä½“éªŒæ¾³é—¨çŽ°åœºè èœæ¿€æƒ…ã€‚ é¦–å˜é€30ï¼…æœ€é«˜ç¤¼é‡‘é«˜è¾¾300000å…ƒï¼Œåªè¦æ‚¨æ•¢æ¥ï¼Œæˆ‘ä»¬å°±æ•¢é€ã€‚å¤©å¤©è¿”æ°´1.2ï¼…æ— ä¸Šé™ï¼Œäºšæ´²é¡¶çº§ä¿¡èª‰ï¼Œå¤§é¢æ— å¿§ï¼Œå•ç¬”ææ¬¾1000ä¸‡å…ƒï¼Œå³æ—¶åˆ°å¸ï¼Œä¹Ÿå¯åœ¨æ¾³é—¨å–çŽ°ï¼ å³ä½¿é“è·¯åŽå·ä¸å¹³ï¼Œè½¦è½®ä¹Ÿè¦å‰è¿›ï¼›å³ä½¿æ±Ÿæ²³æ³¢æ¶›æ±¹æ¶Œï¼Œèˆ¹åªä¹Ÿèˆªè¡Œã€‚ recommend website Office Supplies Sdn Bhd to huaqianshu002@126.com X-PHP-Originating-Script: 10177:classEmailV1e.php X-Mailer: entertopPHP-Mailer MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 Message-Id: <20150724003844.6EDA96D5C28@server26.dns-server-ip.net> Date: Fri, 24 Jul 2015 08:38:44 +0800 (MYT) From: felxcofficesvr26@server26.dns-server-ip.net ---------------------------------- thank you. This post has been edited by cmleow: Jul 30 2015, 09:01 PM
Card PM	Report Top Like Quote Reply

baka.bakashi	Aug 19 2015, 03:23 PM Show posts by this member only \| Post #2
Getting Started Junior Member 53 posts Joined: Oct 2011	you should check this line Received: from server26.dns-server-ip.net (119.81.1.194-static.reverse.softlayer.com. [119.81.1.194]) but from my observation there could be more behind it... This post has been edited by baka.bakashi: Aug 19 2015, 03:32 PM
Card PM	Report Top Like Quote Reply

Melton	Sep 15 2015, 03:51 AM Show posts by this member only \| Post #3
New Member Validating 38 posts Joined: Sep 2015	from Singapore. But other domains might have been resolved to that IP address as well. This post has been edited by Melton: Sep 15 2015, 04:25 AM
Card PM	Report Top Like Quote Reply

« Next Oldest · Security & Privacy · Next Newest »

Add Reply Options

Change to:

0.0150sec

0.60

5 queries

GZIP Disabled
Time is now: 20th December 2025 - 04:05 AM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.