| Author | Thread |
|
|
05/17/2005 02:53:12 AM · #1 |
I am asking this question for a very specific reason. Tonight an unknown party sent me an email about DPChallenge and some things going on. I was offended by the email and when I went to reply it would send back an email [promptly] saying,
Hi. This is the qmail-send program at smtp1.knology.net.
I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.
Before I disclose what was said in the email I would like to know if there is a way of tracking the person or party that was responsible for it̢۪s content. I don̢۪t take kindly of people saying bad things about others [yes names are included] especially when they hide their identity. Any help would be grateful.
EDIT:Has anyone else received such an email? and I also have my email address hidden.
Message edited by author 2005-05-17 02:56:18. |
|
|
|
05/17/2005 02:57:55 AM · #2 |
I can't help on the tech side.
But I got a comment about one of my images that I wanted to reply to - I got exactly the same error (?) message.
|
|
|
|
05/17/2005 03:20:34 AM · #3 |
One thing you might do is in Outlook Express, right-click on the message, details, message source. The full set of headers can at least show a domain it came from, but if a redirect has been used, it often can be hidden.
Here is the detail of a message I received from my neighbor:
X-Apparently-To: xxxxxxxxxxxx@xxxxxxxxx.xxx via 206.190.37.107; Thu, 12 May 2005 20:56:48 -0700
Authentication-Results: mta809.mail.scd.yahoo.com
from=cox.net; domainkeys=neutral (no sig)
X-Originating-IP: [68.230.241.33]
Return-Path:
Received: from 207.115.20.50 (EHLO flpvm20.prodigy.net) (207.115.20.50)
by mta809.mail.scd.yahoo.com with SMTP; Thu, 12 May 2005 20:56:48 -0700
X-Originating-IP: [68.230.241.33]
Received: from fed1rmmtao06.cox.net (fed1rmmtao06.cox.net [68.230.241.33])
by flpvm20.prodigy.net (8.12.10 083104/8.12.10) with ESMTP id j4D3u159008167
for ; Thu, 12 May 2005 20:56:01 -0700
Received: from home-ekbouylowq ([68.101.158.210]) by fed1rmmtao06.cox.net
(InterMail vM.6.01.04.00 201-2131-118-20041027) with SMTP
id <20050513035617.POEQ19494.fed1rmmtao06.cox.net@home-ekbouylowq>
for ; Thu, 12 May 2005 23:56:17 -0400
MIME-Version: 1.0
Message-Id: <4284255E.000019.00160@HOME-EKBOUYLOWQ>
Date: Thu, 12 May 2005 20:56:14 -0700 (Pacific Daylight Time)
Content-Type: Multipart/related;
type="multipart/alternative";
boundary="------------Boundary-00=_QLTEENY1VA4000000000"
X-Mailer: IncrediMail (4001856)
From: "Fred Juvenile"
To: "Brad"
X-FID: FLAVOR00-NONE-0000-0000-000000000000
X-Priority: 3
X-Antivirus: avast! (VPS 0519-2, 05/12/2005), Inbound message
X-Antivirus-Status: Clean
Obviously all the x's are hiding mine and his email addresses, but the info is there.
Message edited by author 2005-05-17 03:46:40. |
|
|
|
05/17/2005 03:42:08 AM · #4 |
I tried that. I use Microsoft Outlook 2000 full version. If I go under view> options it brings up a message options box. At the bottom in a box called INTERNET headers it should tell me all the information needed to see the IP, etc, etc. But on this email it says:
Return-Path: <>
Delivered-To:
Received: n/a
Received: n/a
Received: n/a =/< for ; Mon, 16 May 2005 10:23:11 -n/a
From: n/a <>
To: xxxxxxxxxx@xxxxxx.net
Subject: dcpinformation
Content-Type: multipart/alternative;
boundary=undisclosed
Envelope-Sender: MAIL
X-db: MAIL1P
X-parse: PROD
Message-Id: <2005057BY6423J4RC.Undisclosed>
Date: Mon, 16 May 2005 10:23:11 -n/a
Message edited by author 2005-05-17 04:47:19. |
|
|
|
05/17/2005 04:10:41 AM · #5 |
Originally posted by SDW65:
I am asking this question for a very specific reason. Tonight an unknown party sent me an email about DPChallenge and some things going on. I was offended by the email and when I went to reply it would send back an email [promptly] saying,
Hi. This is the qmail-send program at smtp1.knology.net.
I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.
Before I disclose what was said in the email I would like to know if there is a way of tracking the person or party that was responsible for it̢۪s content. I don̢۪t take kindly of people saying bad things about others [yes names are included] especially when they hide their identity. Any help would be grateful.
EDIT:Has anyone else received such an email? and I also have my email address hidden. |
I doubt if you can find out who it came from if the sender really wants to hide. Afterall, if we could trace e-mails accurately there would be a lot less spam. I didn't get the e-mail myself. Did it come as a PM? Not sure it's a good idea to make it public in these forums. I'd say report it to the SC and admins first.
|
|
|
|
05/17/2005 04:16:29 AM · #6 |
| Sometimes you can right click on the address and check out the properties. It may or may not give you a clue. If they really want to hide they will. |
|
|
|
05/17/2005 04:20:45 AM · #7 |
Originally posted by coolhar:
Originally posted by SDW65:
I am asking this question for a very specific reason. Tonight an unknown party sent me an email about DPChallenge and some things going on. I was offended by the email and when I went to reply it would send back an email [promptly] saying,
Hi. This is the qmail-send program at smtp1.knology.net.
I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.
Before I disclose what was said in the email I would like to know if there is a way of tracking the person or party that was responsible for it̢۪s content. I don̢۪t take kindly of people saying bad things about others [yes names are included] especially when they hide their identity. Any help would be grateful.
EDIT:Has anyone else received such an email? and I also have my email address hidden. |
I doubt if you can find out who it came from if the sender really wants to hide. Afterall, if we could trace e-mails accurately there would be a lot less spam. I didn't get the e-mail myself. Did it come as a PM? Not sure it's a good idea to make it public in these forums. I'd say report it to the SC and admins first. |
I don't believe the reason there's lots of spam is because we can't trace emails. Much spam is sent by a process called 'relaying', where vulnerable corporate email servers are hijacked to send on spam from another source. Also, much spam originates from the far east, and south america. I've installed anti-spam software on many computers which filters by IP address from a list which is updated daily, and the software is incredibly effective. |
|
|
|
05/17/2005 04:24:10 AM · #8 |
Originally posted by coolhar:
Originally posted by SDW65:
I am asking this question for a very specific reason. Tonight an unknown party sent me an email about DPChallenge and some things going on. I was offended by the email and when I went to reply it would send back an email [promptly] saying,
Hi. This is the qmail-send program at smtp1.knology.net.
I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.
Before I disclose what was said in the email I would like to know if there is a way of tracking the person or party that was responsible for it̢۪s content. I don̢۪t take kindly of people saying bad things about others [yes names are included] especially when they hide their identity. Any help would be grateful.
EDIT:Has anyone else received such an email? and I also have my email address hidden. |
I doubt if you can find out who it came from if the sender really wants to hide. Afterall, if we could trace e-mails accurately there would be a lot less spam. I didn't get the e-mail myself. Did it come as a PM? Not sure it's a good idea to make it public in these forums. I'd say report it to the SC and admins first. |
The one's that know me here know I am not the one to start trouble or repeat hearsay. So "YES" I am going to keep it to myself and I will not even sent a copy to the SC since so many names, things being done, etc., etc. is mentioned in detail. If the person(s) that sent the email wanted this to be spread in the forums then they found the wrong person.
A NOTE TO THE SENDER: If you are a member or user of DPC and can read this thread, if you want the info sent to me published, do it yourself and send to the Administrators or SC. NOT ME!!!!!!!!!!!!!!!! |
|
|
|
05/17/2005 04:29:52 AM · #9 |
Originally posted by SDW65:
Hi. This is the qmail-send program at smtp1.knology.net.
I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. |
qmail-send is a mail server program that is used to handle sending email messages. This is your ISPs email server sending you an informational email because the headers do not contain a return address. There is no where for the program to send the return email.
---
It is obviously not of any value. Getting upset over random spam is not in the best interest of your general health. ;) After all, they can't even spell DPC correctly. ;D
Best to not give them the satisfaction of a public venting -- unless you need the venting, of course. Forwarding it to the admins would not be a bad idea though -- they should at least be advised that it is going on.
--
Of more interest than where it came from, is how they got your address -- unless you've recently removed it from your profile it isn't posted for the public. I thought it might be the MSN messenger addy you posted to the recent thread, but that is wisely not your main email address. (Incidently, you may want to remove your email address from the headers you posted.)
Have you exchanged emails (no PMs) with someone? ... have any 'playful' friends or family? ... any close personal enemies?
--
But seriously, it's not something to get all worked up about -- life's too short.
David
|
|
|
|
05/17/2005 04:42:25 AM · #10 |
Originally posted by Britannica:
[quote=SDW65] Hi. This is the qmail-send program at smtp1.knology.net.
I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. |
qmail-send is a mail server program that is used to handle sending email messages. This is your ISPs email server sending you an informational email because the headers do not contain a return address. There is no where for the program to send the return email.
---
Originally posted by Britannica:
It is obviously not of any value. Getting upset over random spam is not in the best interest of your general health. ;) After all, they can't even spell DPC correctly. ;D |
Good one, I did not even notice that.
Originally posted by Britannica:
Best to not give them the satisfaction of a public venting -- unless you need the venting, of course. Forwarding it to the admins would not be a bad idea though -- they should at least be advised that it is going on. |
I will NOT post in the forums because I do not want any part of hearsay or give them the satisfaction.
I'm not going to send it to the admins because if the person(s) that took the time to send me this and mask it was IMO wanting to make waves, making things up, or just being stupid. If I thought it to be true then I would send to the admins.
--
Originally posted by Britannica:
Of more interest than where it came from, is how they got your address -- unless you've recently removed it from your profile it isn't posted for the public. I thought it might be the MSN messenger addy you posted to the recent thread, but that is wisely not your main email address. (Incidently, you may want to remove your email address from the headers you posted.) |
YES I did have my email posted in my profile for a while till I was told it was not a good thing because of spam. I have had it hidden for a while now.
Originally posted by Britannica:
Have you exchanged emails (no PMs) with someone? ... have any 'playful' friends or family? ... any close personal enemies? |
I exchange messages through email but to close friends that would not do something like this. Most don't even know about DPChallenge. And right of the top of my head I can't think of any enemies.
--
Originally posted by Britannica:
But seriously, it's not something to get all worked up about -- life's too short.
David |
I'm not worked up about it. It just unnerves me when people talk about others [especially naming names] and placing accusations on them and groups of people and don't have the courage to tell it themselves if they believe it to be true.
Message edited by author 2005-05-17 04:50:51. |
|
|
|
05/17/2005 08:12:30 AM · #11 |
Originally posted by BobsterLobster:
I don't believe the reason there's lots of spam is because we can't trace emails. Much spam is sent by a process called 'relaying', where vulnerable corporate email servers are hijacked to send on spam from another source. |
The reason there is a lot of spam, or rather lack of convictions for spamming offences, is because the email cannot easily be tied to the actual person clicking the 'Send' button. As you rightly say, open relays are a major source of spam, but often you cannot trace the email's origin any further back than that server. So going back to your original point, the reason there is a lot of spam IS because we can't trace emails.
Incidentally, a large amount of spam is still sent from within the US, so it's not purely geographic. |
|
|
|
05/17/2005 08:33:24 AM · #12 |
Well, yes that was what I meant! You can trace the email but only as far back as the vulnerable open relay. Also, I doubt whoever sent the email discussed above has access to an open relay.
It's a mystery why the above header is so cryptic! |
|
|
|
05/17/2005 08:47:16 AM · #13 |
That's just the way email headers are.
The way to find out the origin server is to look at the Received lines from the bottom up.
In the case of BradP's email, the origin host is fed1rmmtao06.cox.net. |
|
|
|
05/17/2005 09:12:10 AM · #14 |
I don't know if you've misunderstood... Brad's is easy to work out.
It's SDW65's email that is a mystery. |
|
|
|
05/17/2005 01:40:57 PM · #15 |
Originally posted by PaulMdx:
That's just the way email headers are.
The way to find out the origin server is to look at the Received lines from the bottom up.
In the case of BradP's email, the origin host is fed1rmmtao06.cox.net. |
The earliest timestamped _valid_ Recieved: line will tell you where the message came from. Some Recieved: lines are forged, so you have to be careful. IIRC, the Recieved: line is inserted by the mailservers/routers the email traverses, and added to the top of the list, so the forged ones will be at the bottom of the list. In the case of BradP's email, the last Recieved header line is:
Received: from home-ekbouylowq ([68.101.158.210]) by ed1rmmtao06.cox.net
(InterMail vM.6.01.04.00 201-2131-118-20041027) with SMTP id <20050513035617.POEQ19494.fed1rmmtao06.cox.net@home-ekbouylowq> for ; Thu, 12 May 2005 23:56:17 -0400
This tells us that a machine possibly named home-ekbouylowq originated the message. The IP address the first "internet" mailserver saw is 68.101.158.210. The mailserver is ed1rmmtao06.cox.net, so 68.101.158.210 is probably the IP address of the sender's PC or router (whichever is connected to the internet). The part: SMTP id <20050513035617.POEQ19494.fed1rmmtao06.cox.net@home-ekbouylowq
is put in by cox.net and is a unique id for this message.
The whole message shows that
home-ekbouylowq ([68.101.158.210]) sent a message to fed1rmmtao06.cox.net
fed1rmmtao06.cox.net (fed1rmmtao06.cox.net [68.230.241.33]) sent the message to flpvm20.prodigy.net
207.115.20.50 (EHLO flpvm20.prodigy.net) sent the message to mta809.mail.scd.yahoo.com with SMTP
in English, the message went from the user to his/her provider on Cox Cable, through the Prodigy system to Yahoo.
Using //www.geobytes.com/IpLocator.htm?GetLocation , the user's IP address, 68.101.158.210, seems to be in Poway, California (99% certainty).
Originally posted by BradP:
Received: from 207.115.20.50 (EHLO flpvm20.prodigy.net) (207.115.20.50)
by mta809.mail.scd.yahoo.com with SMTP; Thu, 12 May 2005 20:56:48 -0700
X-Originating-IP: [68.230.241.33]
Received: from fed1rmmtao06.cox.net (fed1rmmtao06.cox.net [68.230.241.33])
by flpvm20.prodigy.net (8.12.10 083104/8.12.10) with ESMTP id j4D3u159008167
for ; Thu, 12 May 2005 20:56:01 -0700
Received: from home-ekbouylowq ([68.101.158.210]) by fed1rmmtao06.cox.net
(InterMail vM.6.01.04.00 201-2131-118-20041027) with SMTP
id <20050513035617.POEQ19494.fed1rmmtao06.cox.net@home-ekbouylowq>
for ; Thu, 12 May 2005 23:56:17 -0400
MIME-Version: 1.0
Message-Id: <4284255E.000019.00160@HOME-EKBOUYLOWQ>
|
|
|
|
|
05/17/2005 02:13:23 PM · #16 |
Must be something more to it than that, or a mistake somewhere. Poway is BradP's location.
|
|
|
|
05/17/2005 02:21:56 PM · #17 |
Originally posted by coolhar:
Must be something more to it than that, or a mistake somewhere. Poway is BradP's location. |
Didn't he say that this was an email that he received from his neighbour?
|
|
|
|
05/17/2005 02:34:24 PM · #18 |
That was only an example of info in the headers in an email.
Yes, it was from my next door neighbor, and correct on Poway,CA.
Mine wasn't the email in question though, just used one of mine as an example.
Besides, I KNOW where he lives...LOL |
|
|
|
05/17/2005 02:41:00 PM · #19 |
Originally posted by AJAger:
Didn't he say that this was an email that he received from his neighbour? |
Right, my bad. I thought that perhaps hankk had confused the to with the from. Or that the sender of the offensive e-mail had spoofed it to look like it came from the place it was going to.
hankk, could you do the same type of analysis on the header posted by SDW65? Please.
|
|
|
|
05/17/2005 02:42:53 PM · #20 |
Originally posted by coolhar:
hankk, could you do the same type of analysis on the header posted by SDW65? Please. |
There was no info in the header SDW65 posted. That's the problem. |
|
|
|
05/17/2005 02:57:43 PM · #21 |
|
|
|
05/17/2005 04:47:37 PM · #22 |
Originally posted by mk:
Originally posted by coolhar:
hankk, could you do the same type of analysis on the header posted by SDW65? Please. |
There was no info in the header SDW65 posted. That's the problem. |
Yes, it seems to be a problem.
SDW65, please check the message again. Use view->options, and make sure you get them all (the user may have put in a bogus header that was blank). Also try viewing the source of the message, and search for "To:" "From:" "Received:" etc, to see if that shows up.
See //office.microsoft.com/en-us/assistance/HA010937071033.aspx and //www.awprofessional.com/articles/article.asp?p=24263&seqNum=6&rl=1
Does other email you get have correct "Received:" headers?
How do you get email? (POP, IMAP, microsoft exchange server?)
Is the email still available on a server so you can get it with a different email program?
Do you care enough to spend the effort to track the guy down? It may be the guy was trying to be witty, and only accomplished half his goal ;-)
|
|
|
|
05/17/2005 04:58:01 PM · #23 |
| I copied and pasted the header. But no biggie I'm not giving him/her the time of day. People like that are scum. I will not fall into there trap of posting hearsay's. |
|
|
|
05/18/2005 11:10:18 AM · #24 |
NM...wasn't paying enough attention
Message edited by author 2005-05-18 11:11:09. |
|
|
|
05/19/2005 02:21:41 PM · #25 |
Originally posted by SDW65:
I copied and pasted the header. But no biggie I'm not giving him/her the time of day. People like that are scum. I will not fall into there trap of posting hearsay's. |
We're probably all beter off ignoring these kind of guys and spending our time going out and taking pictures...speaking of which, I've gota go outside and take some pictures :-) |
|
Home -
Challenges -
Community -
League -
Photos -
Cameras -
Lenses -
Learn -
Help -
Terms of Use -
Privacy -
Top ^
DPChallenge, and website content and design, Copyright © 2001-2025 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 09/13/2025 09:17:41 AM EDT.
