Help me in findling out the real sender of this mail

[vbhagyan]

Hi Friends,

i got a mail from a company regarding recruitment. Since i had a doubt in that company. i traced that email headers. i found that it has been mailed from a NOCC mail client. Not by the company's SMTP server. I think my analysis is right. even though i had a doubt. I attached that email header. Help me;

Note: id is changed as xxx and domain of tha company is changed as yyy.

=======================================================

Delivered-To: vijayathreyan@gmail.com
Received: by 10.114.15.20 with SMTP id 20cs985159wao;
Tue, 24 Apr 2007 01:53:58 -0700 (PDT)
Received: by 10.115.23.12 with SMTP id a12mr2968420waj.1177404838292;
Tue, 24 Apr 2007 01:53:58 -0700 (PDT)
Return-Path: <xxx@yyy.com>
Received: from mail.cjb.net (mail.cjb.net [216.194.70.5])
by mx.google.com with ESMTP id n20si162300pof.2007.04.24.01.53.57;
Tue, 24 Apr 2007 01:53:58 -0700 (PDT)
Received-SPF: fail (google.com: domain of xxx@yyy.com does not designate 216.194.70.5 as permitted sender)
Received: from webmail.cjb.net (cjb.net [216.194.70.4])
by mail.cjb.net (8.14.1/8.14.1) with ESMTP id l3O8rurr028591;
Tue, 24 Apr 2007 02:53:57 -0600 (MDT)
Message-Id: <200704240853.l3O8rurr028591@mail.cjb.net>
To: <vijayathreyan@gmail.com>
Subject: =?UTF-8?B?Q292YW5zeXMgSW50ZXJ2aWV3IFNjaGVkdWxlIFBvc3Rwb25lZA==?=
From: <xxx@yyy.com>
Cc: <zzz@yahoo.co.in>
Date: Tue, 24 Apr 2007 02:53:56 -0600
Reply-To: <xxx@yyy.com>
Errors-To: <xxx@yyy.com>
X-Priority: 3 (Normal)
X-Originating-IP: [122.169.134.210]
X-Originating-User: [msrinivas001]
User-Agent: NOCC <*nocc.sourceforge.net/>
MIME-Version: 1.0
Content-Type: text/plain;
charset="UTF-8"
Content-Transfer-Encoding: 8bit

 

[Choto Cheeta]

any Web Server having phpmail function can used to send such emails

where as it seems mail server

Received: from mail.cjb.net (mail.cjb.net [216.194.70.5])

spam !!! avoid it...

 

[piyush gupta]

^Spam mail

Looks sent thorugh PHP Script

 

[Sukhdeep Singh]

Yep, its a SPAM. Not sure if its a PHP Mail since PHP Mail has Return Path = nobody@hostname.com

 

[piyush gupta]

^^Its smart PHP mail

 

[Choto Cheeta]

can v REALLY track a person through email sent ?

If you have GOV back up, one can be tracked through IP addresses... !!

 

[piyush gupta]

^^ yes we can but only sender location nearby

Search fro Email trakcer on google for more info

IT works basically for only ip address

but will give u 95% approx. location of person

 

[s18000rpm]

i got a nooby doubt, as we BSNL users turn ON & OFF the modem to change the IP addrs. while d/lin frm Rapidshare, how can one trace such users?

coz the IP changes, right?

btw @piyush gupta, why you in Invisibe mode? , hiding?

 

[Choto Cheeta]

but will give u 95% approx. location of person

when u send a ISP notice from GOV or court order, u may get the exact Telephone number of Address to whoom the IP was issued !!!! to that makes it 100 % !!! only if any one uses a Proxy then it becaose a little defficult but then too it is possible to ask the proxy server !!

 

[satyamy]

any Web Server having phpmail function can used to send such emails

where as it seems mail server



spam !!! avoid it...

what is your opinion about this mail

From Digit Forum Thu Apr 26 23:36:20 2007
X-Apparently-To: satyamay2002@yahoo.co.in via 202.86.4.24; Thu, 26 Apr 2007 23:37:51 +0530
X-Originating-IP: [161.58.178.230]
Return-Path: <robert_smith@jasubhai.com>
Authentication-Results: mta130.mail.in.yahoo.com from=jasubhai.com; domainkeys=neutral (no sig)
Received: from 161.58.178.230 (EHLO linux12002.dn.net) (161.58.178.230) by mta130.mail.in.yahoo.com with SMTP; Thu, 26 Apr 2007 23:37:51 +0530
Received: (qmail 4467 invoked by uid 509); 26 Apr 2007 23:37:51 +0530
Received: from localhost.dn.net (HELO linux12002.dn.net) (127.0.0.1) by linux12002.dn.net with SMTP; Thu, 26 Apr 2007 23:37:51 +0530
Received: (from nobody@localhost) by linux12002.dn.net (8.13.1/8.13.1/Submit) id l3QI6KBv004344; Thu, 26 Apr 2007 23:36:20 +0530
Date: Thu, 26 Apr 2007 23:36:20 +0530
X-Authentication-Warning: linux12002.dn.net: nobody set sender to robert_smith@jasubhai.com using -f
To: satyamay2002@yahoo.co.in
Subject: Reply to post 'Deo......'
From: "Digit Forum" <robert_smith@jasubhai.com> Add to Address Book
Auto-Submitted: auto-generated
Message-ID: <200704261820.8bb3e2789739@www.thinkdigit.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-Mailer: vBulletin Mail via PHP
Content-Length: 920

Received: (from nobody@localhost) by linux12002.dn.net

 

[piyush gupta]

@piyush gupta, why you in Invisibe mode? , hiding?

NO buddy I checekd remember me check box and default login at userCP to invisible mode

and i forgot to open it

do u have any prob

 

[s18000rpm]

why you getting serious about it

jus asked .

coz i do that when i want NOT to Be Spied by Vimal

 

[piyush gupta]

^^ Ecen i started it when was spying with Vimal

but i forogot to uncheck it

Dont mind I m not that serious
cheers

 

[Choto Cheeta]

@satyamy

one would need to read the full header

Received: (from nobody@localhost) by linux12002.dn.net (8.13.1/8.13.1/Submit) id l3QI6KBv004344; Thu, 26 Apr 2007 23:36:20 +0530
Date: Thu, 26 Apr 2007 23:36:20 +0530
X-Authentication-Warning: linux12002.dn.net: nobody set sender to robert_smith@jasubhai.com using -f

 

[prinz]

what is GOV back up?...

 

[Choto Cheeta]

what is GOV back up?...

what I mean is, you approch to ISP through proper channel and thats Indian Court orders or Security Agency like Police or CBI approches to the ISP for details...