Tags |
|
|
Links |
|
|
Write You - How To Determine The Origin Of Spam
Natural linking, what is it and how do I get it? More importantly, do I need it? If you run an Internet web presence that you want others to find in the search engines then the answer to the latter is YES!What is natural linking? That is an easy question to answer. Natural linking occurs when someone places a link to your site from another site. The reason that someone might link to your site is not really important, the fact that they placed the link is the only thing that matters.Some of the reasons that someone might place a link to your site or to a page within your website are:• Your site offers some information that supports a fact or reinforces a position contained within another site. • Your site offers some tools or resources that would be
Secondly, the Subject: line. It contains the variations of the “Meds” and “Viagra” words that are known to be met in spam messages. Plus, the subject contains a range of random characters. It’s obvious that the subject line is skillfully tailored to fool anti-spam filters.
Lastly, let’s analyze the Received: lines. We start from the oldest one - Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500. There are two IP addresses in it: 60.17.139.96 says it received the message from 164.145.240.209.
We check if the next (and last in this case) mail server in the chain confirms the state of the first Received: line. In the second Received: field we have: Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with SMTP; 7 Nov 2006 10:54:16 -0000.
mail1.myserver.xx is our server and we can trust it. It received the message from an "unknown" host, which says it has the IP address 60.17.139.96. Yes, this confirms what the previous
A home-based business is a great way for those with extra time on their hands to make money. Or for those who want to eliminate the stress that comes from working for others, setting up a home-based business is a perfect solution. It may be a perfect opportunity for you but it will also take a lot of work to get it up and running. To be able to successfully build a home internet business ask yourself if have the patients to master the skills required to make your venture successful.1. Getting a Business Plan TogetherHaving the skills required to be able to develop a successful business plan is paramount for any businessperson. Ask any successful entrepreneur, planning is essential to success. Make sure you have a solid plan before you do anything. Plan your bus
Let’s look inside a spam message. Every email message includes two parts, the body and the header. The body is the actual message text and attachments. The header is a kind of the envelope of the message. The header shows the address of the message sender, the address of the message recipient, the message subject and other information. Email programs usually display these header fields:
From: shows the sender's name and email address.
To: shows the recipient's name and email address.
Date: shows the date when the message was sent.
Subject: shows the message subject.
The From: field usually contains the sender's email address. This lets you know who sent the message and allows you easily reply. Spammers, of course, don’t want you to reply and don’t want you to know who they are. Therefore, they put forged email addresses into the From: lines of their emails. So the From: field won’t help you if you want to determine where the spam email comes from.
Just like a postal letter goes through a number of post offices before it’s delivered to the recipient, an email message is processed by several mail servers. Each mail server adds a line to the message header – a Received: line – which contains
- the server name and IP address of the machine the server received the message from and
- the name of the mail server itself.
Each Received: line is inserted at the top of the message header. If we want to reproduce the message’s path from sender to recipient, we start from the topmost Received: line and walk down until the last one, which is where the email originated.
Just like the From: field the Received: lines may contain forged information to fool those who would want to trace the spammer. Because every mail server inserts the Received: line at the top of the header, we start the analysis from the top.
The Received: lines forged by spammers usually look like normal Received: fields. We can hardly tell whether the Received: line is forged or not at first sight. We should analyze all the Received: lines chain to find out a forged Received: field.
As we mentioned above, every mail server registers not only its name but also the IP address of the machine it got the message from. We simply need to look what name a server puts and what the next server in the chain says. If the servers don’t match, the earlier Received: line is forged.
The origin of the email is what the server immediately after the forged Received: line says about where it received the message from.
Let's see how determining of the spam email origin works in real life. Here is the header of a spam message we’ve recently received:
**************************************************
Return-Path: < umceqhzjmndfy @ hawaiicity.com >
Delivered-To: press @ mydomain.com
Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with
SMTP; 7 Nov 2006 10:54:16 -0000
Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500
Date: Tue, 07 Nov 2006 12:48:35 +0200
From: Pharmacy < umceqhzjmndfy @ hawaiicity.com >
Reply-To: umceqhzjmndfy < umceqhzjmndfy @ hawaiicity.com >
X-Priority: 3 (Normal)
Message-ID: < 15216897.20061108040652 @ hawaiicity.com >
To: press@mydomain.com
Subject: Cheap Med*s V!agra Many Med_s QnNXpRy9
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
**************************************************
At first, look at the forged From: field. The email address in the From: and Reply-To: lines doesn’t exist. So, the spammer took care about directing bounced messages and all the indignant replies people may send to a non-existing email account.
Secondly, the Subject: line. It contains the variations of the “Meds” and “Viagra” words that are known to be met in spam messages. Plus, the subject contains a range of random characters. It’s obvious that the subject line is skillfully tailored to fool anti-spam filters.
Lastly, let’s analyze the Received: lines. We start from the oldest one - Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500. There are two IP addresses in it: 60.17.139.96 says it received the message from 164.145.240.209.
We check if the next (and last in this case) mail server in the chain confirms the state of the first Received: line. In the second Received: field we have: Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with SMTP; 7 Nov 2006 10:54:16 -0000.
mail1.myserver.xx is our server and we can trust it. It received the message from an "unknown" host, which says it has the IP address 60.17.139.96. Yes, this confirms what the previous
Google is the pre-eminent search engine (SE) with no close competitor. Given that inclusion is free, your Web pages must be in it. We'll show you how to top the Google SERPs, that is, be found at the top of the search engine results pages. These techniques are known as search engine optimization (SEO) and require a small investment of your time.I took two of my sites to the top of the SERPs in three months, so it can be done. My pages have few competitors: my challenge was mainly to get past false positives such as resumes, job vacancies, articles, and so on. If you are competing with "real" sites that are selling competitive products such as the ones you read about in your spam e-mails, you can get there within a year with some persistence.GoalCas
Date: shows the date when the message was sent.
Subject: shows the message subject.
The From: field usually contains the sender's email address. This lets you know who sent the message and allows you easily reply. Spammers, of course, don’t want you to reply and don’t want you to know who they are. Therefore, they put forged email addresses into the From: lines of their emails. So the From: field won’t help you if you want to determine where the spam email comes from.
Just like a postal letter goes through a number of post offices before it’s delivered to the recipient, an email message is processed by several mail servers. Each mail server adds a line to the message header – a Received: line – which contains
- the server name and IP address of the machine the server received the message from and
- the name of the mail server itself.
Each Received: line is inserted at the top of the message header. If we want to reproduce the message’s path from sender to recipient, we start from the topmost Received: line and walk down until the last one, which is where the email originated.
Just like the From: field the Received: lines may contain forged information to fool those who would want to trace the spammer. Because every mail server inserts the Received: line at the top of the header, we start the analysis from the top.
The Received: lines forged by spammers usually look like normal Received: fields. We can hardly tell whether the Received: line is forged or not at first sight. We should analyze all the Received: lines chain to find out a forged Received: field.
As we mentioned above, every mail server registers not only its name but also the IP address of the machine it got the message from. We simply need to look what name a server puts and what the next server in the chain says. If the servers don’t match, the earlier Received: line is forged.
The origin of the email is what the server immediately after the forged Received: line says about where it received the message from.
Let's see how determining of the spam email origin works in real life. Here is the header of a spam message we’ve recently received:
**************************************************
Return-Path: < umceqhzjmndfy @ hawaiicity.com >
Delivered-To: press @ mydomain.com
Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with
SMTP; 7 Nov 2006 10:54:16 -0000
Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500
Date: Tue, 07 Nov 2006 12:48:35 +0200
From: Pharmacy < umceqhzjmndfy @ hawaiicity.com >
Reply-To: umceqhzjmndfy < umceqhzjmndfy @ hawaiicity.com >
X-Priority: 3 (Normal)
Message-ID: < 15216897.20061108040652 @ hawaiicity.com >
To: press@mydomain.com
Subject: Cheap Med*s V!agra Many Med_s QnNXpRy9
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
**************************************************
At first, look at the forged From: field. The email address in the From: and Reply-To: lines doesn’t exist. So, the spammer took care about directing bounced messages and all the indignant replies people may send to a non-existing email account.
Secondly, the Subject: line. It contains the variations of the “Meds” and “Viagra” words that are known to be met in spam messages. Plus, the subject contains a range of random characters. It’s obvious that the subject line is skillfully tailored to fool anti-spam filters.
Lastly, let’s analyze the Received: lines. We start from the oldest one - Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500. There are two IP addresses in it: 60.17.139.96 says it received the message from 164.145.240.209.
We check if the next (and last in this case) mail server in the chain confirms the state of the first Received: line. In the second Received: field we have: Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with SMTP; 7 Nov 2006 10:54:16 -0000.
mail1.myserver.xx is our server and we can trust it. It received the message from an "unknown" host, which says it has the IP address 60.17.139.96. Yes, this confirms what the previous
Historically, customer service was delivered over the phone or in person. Customers didn’t have many choices, and switching to competitors was cumbersome. Today, these methods are but two of the many possible touch points of entry for any given interaction. With all the options the Internet brings, competition is literally a click away. If, as has been reported, 65% of your business comes from current customers, then in order to stay in business, you best focus on winning the satisfaction and loyalty of those customers.With continued attention on customer service, customer retention, and lifetime value of the customer, it is no surprise that contact center operations continue to increase in importance as the primary hub of a customer’s experience. The contact center is
Just like the From: field the Received: lines may contain forged information to fool those who would want to trace the spammer. Because every mail server inserts the Received: line at the top of the header, we start the analysis from the top.
The Received: lines forged by spammers usually look like normal Received: fields. We can hardly tell whether the Received: line is forged or not at first sight. We should analyze all the Received: lines chain to find out a forged Received: field.
As we mentioned above, every mail server registers not only its name but also the IP address of the machine it got the message from. We simply need to look what name a server puts and what the next server in the chain says. If the servers don’t match, the earlier Received: line is forged.
The origin of the email is what the server immediately after the forged Received: line says about where it received the message from.
Let's see how determining of the spam email origin works in real life. Here is the header of a spam message we’ve recently received:
**************************************************
Return-Path: < umceqhzjmndfy @ hawaiicity.com >
Delivered-To: press @ mydomain.com
Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with
SMTP; 7 Nov 2006 10:54:16 -0000
Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500
Date: Tue, 07 Nov 2006 12:48:35 +0200
From: Pharmacy < umceqhzjmndfy @ hawaiicity.com >
Reply-To: umceqhzjmndfy < umceqhzjmndfy @ hawaiicity.com >
X-Priority: 3 (Normal)
Message-ID: < 15216897.20061108040652 @ hawaiicity.com >
To: press@mydomain.com
Subject: Cheap Med*s V!agra Many Med_s QnNXpRy9
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
**************************************************
At first, look at the forged From: field. The email address in the From: and Reply-To: lines doesn’t exist. So, the spammer took care about directing bounced messages and all the indignant replies people may send to a non-existing email account.
Secondly, the Subject: line. It contains the variations of the “Meds” and “Viagra” words that are known to be met in spam messages. Plus, the subject contains a range of random characters. It’s obvious that the subject line is skillfully tailored to fool anti-spam filters.
Lastly, let’s analyze the Received: lines. We start from the oldest one - Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500. There are two IP addresses in it: 60.17.139.96 says it received the message from 164.145.240.209.
We check if the next (and last in this case) mail server in the chain confirms the state of the first Received: line. In the second Received: field we have: Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with SMTP; 7 Nov 2006 10:54:16 -0000.
mail1.myserver.xx is our server and we can trust it. It received the message from an "unknown" host, which says it has the IP address 60.17.139.96. Yes, this confirms what the previous
To be a success is not always to be a success individually. In fact, most of the time we achieve our successes as part of a team. That is why I want to devote this issue to the secrets of successful team.We are all part of teams. Our family is a team. Our place of work is a team. The community groups we belong to are teams. Sometimes we are the team leader or "coach," while other times we fulfill the role of follower, or "player." It is so important then for us to understand teams and how they work, especially those who achieve success - the achievement of their desired goal.In my life I have been on some successful teams, and some not so successful teams. This includes both athletically as well as professionally. When I was growing up, I worked for seven years
**************************************************
Return-Path: < umceqhzjmndfy @ hawaiicity.com >
Delivered-To: press @ mydomain.com
Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with
SMTP; 7 Nov 2006 10:54:16 -0000
Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500
Date: Tue, 07 Nov 2006 12:48:35 +0200
From: Pharmacy < umceqhzjmndfy @ hawaiicity.com >
Reply-To: umceqhzjmndfy < umceqhzjmndfy @ hawaiicity.com >
X-Priority: 3 (Normal)
Message-ID: < 15216897.20061108040652 @ hawaiicity.com >
To: press@mydomain.com
Subject: Cheap Med*s V!agra Many Med_s QnNXpRy9
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
**************************************************
At first, look at the forged From: field. The email address in the From: and Reply-To: lines doesn’t exist. So, the spammer took care about directing bounced messages and all the indignant replies people may send to a non-existing email account.
Secondly, the Subject: line. It contains the variations of the “Meds” and “Viagra” words that are known to be met in spam messages. Plus, the subject contains a range of random characters. It’s obvious that the subject line is skillfully tailored to fool anti-spam filters.
Lastly, let’s analyze the Received: lines. We start from the oldest one - Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500. There are two IP addresses in it: 60.17.139.96 says it received the message from 164.145.240.209.
We check if the next (and last in this case) mail server in the chain confirms the state of the first Received: line. In the second Received: field we have: Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with SMTP; 7 Nov 2006 10:54:16 -0000.
mail1.myserver.xx is our server and we can trust it. It received the message from an "unknown" host, which says it has the IP address 60.17.139.96. Yes, this confirms what the previous
One university professor chose names at random from a telephone directory, and then sent these complete strangers his Christmas cards. Holiday cards addressed to him came pouring back, all from people who did not know him and, for that matter, who had never even heard of him.In another study, researcher Dennis Regan had two individuals try to sell raffle tickets to unsuspecting workers. One individual made a conscientious effort to befriend the workers before attempting to sell any tickets. The other individual made a point of being rude and obnoxious around the workers. While on a break, the individual who had previously been rude to his prospects bought them drinks before trying to get them to buy tickets. The results of the study showed that the rude individual actu
Secondly, the Subject: line. It contains the variations of the “Meds” and “Viagra” words that are known to be met in spam messages. Plus, the subject contains a range of random characters. It’s obvious that the subject line is skillfully tailored to fool anti-spam filters.
Lastly, let’s analyze the Received: lines. We start from the oldest one - Received: from 164.145.240.209 by 60.17.139.96; Tue, 07 Nov 2006 05:53:35 -0500. There are two IP addresses in it: 60.17.139.96 says it received the message from 164.145.240.209.
We check if the next (and last in this case) mail server in the chain confirms the state of the first Received: line. In the second Received: field we have: Received: from unknown (HELO 60.17.139.96) (221.200.13.158) by mail1.myserver.xx with SMTP; 7 Nov 2006 10:54:16 -0000.
mail1.myserver.xx is our server and we can trust it. It received the message from an "unknown" host, which says it has the IP address 60.17.139.96. Yes, this confirms what the previous Received: line says.
Now let’s find out where our mail server got the message from. For this purpose, we look at the IP address in brackets before the server name mail1.myserver.xx. It is 221.200.13.15. This is the IP address the connection was established from, and it is not 60.17.139.96. The spam message originates from 221.200.13.15. It’s important to note that it’s not necessarily that the spammer is sitting at the computer 221.200.13.15 and sending spam over the world. It may happen the computer’s owner doesn’t even suspect of being sending spam. The computer may be hijacked by a Trojan, which is spreading spam without the machine’s owner knowing it.
We hope this information will help you identify the spammer's ISP and report them about spam so they can take proper measures.
HTTP = HTML link (for blogs, profiles,phorums):
<a href="http://www.writeyou.net/article/81154/writeyou-How-To-Determine-The-Origin-Of-Spam.html">How To Determine The Origin Of Spam</a>
BB link (for phorums):
[url=http://www.writeyou.net/article/81154/writeyou-How-To-Determine-The-Origin-Of-Spam.html]How To Determine The Origin Of Spam[/url]
Related Articles:
Subscriber Incentives: Are They Effective?
Internet Marketing Faux Pas Anyone?
Recover Your Investments via Optimizing Your Website
Bookmark it:
|