Section Two - Finding the Service Provider
The most reliable way to determine the service provider the Spam was sent through is to look through the received headers. You can also take into account the domain name in the email address the email was sent from, as well as any domains or URLs included in the text of the email. 


        Received: from pmta07.mta.provider.net (bigiplb-dsnat [172.16.0.19])
                by imta14.mta.provider.net (Postfix) with ESMTP id A73751857A6
                for ; Thu, 12 May 2005 11:30:03 -0700 (PDT)
        Received: from c3po.sender.com (205.210.42.42 [205.210.42.42])
                by pmta07.mta.provider.net (EON-PMTA) with ESMTP id 9DAC2847
                for ; Thu, 12 May 2005 11:30:03 -0700
        Received: from localhost (localhost [127.0.0.1])
                by c3po.sender.com (Postfix) with ESMTP id 15E108B74F
                for ; Thu, 12 May 2005 11:30:01 -0400 (EDT)
        Received: from c3po.sender.com ([127.0.0.1])
                by localhost (c3po.sender.com [127.0.0.1]) (amavisd-new, port 10024)
                with ESMTP id 15063-07 for ;
                Thu, 12 May 2005 11:30:01 -0400 (EDT)
        Received: from [192.168.1.26] (office.sender.com [66.207.199.34])
                by c3po.sender.com (Postfix) with ESMTP id 04B9E8B749
                for ; Thu, 12 May 2005 11:30:01 -0400 (EDT)

These headers may be presented either from first to last or last to first; you'll have to check the times to see which way it is going. Please realise that servers may be in different time zones, so take that into account. In the above example the top-most is the last step, pmta07.mta.provider.net being the server that received it for the end-user, and c3po.sender.com is the server that sent it for the sender, and the steps in between describe the journey from one to the other.

What you're looking for is the first server sending the email, as on the way it may pass through email forwarding servers or other intermediary machines in ISPs' and other providers' systems. In the case above, that server is named c3po.sender.com, what you will want to make note of is the domain name: sender.com. Also make note of the domain name in the email address and any in the body of the email, though the server name is the best guess to find who to complain to.

 





Great Customer Support
We provide responsive customer support to assist you with your domain account.
You can email our support staff anytime, day or night, or call our toll-free support line
(1-888-677-4741) during regular business hours.

   Domain Name Registration    Domain Name Transfers    E-Mail Forwarding
   DNS Service & Management    Dynamic DNS Service    Secondary DNS Service

©2008 easyDNS™ Technologies Inc. -- Privacy Policy