Quale indirizzo IP nelle intestazioni delle e-mail è del mittente? [chiuso]

Naviga le tue risposte
1

Ho le intestazioni di alcune e-mail che ho ricevuto. Ci sono molti indirizzi IP in queste intestazioni. Quale appartiene al mittente? L'indirizzo nelle intestazioni è affidabile?

Esempio 1: 

Delivered-To: [email protected]
Received: by 10.60.17.1 with SMTP id k1csp74699oed;
        Mon, 17 Jun 2013 23:56:20 -0700 (PDT)
X-Received: by 10.50.7.1 with SMTP id f1mr461112iga.48.1371538580627;
        Mon, 17 Jun 2013 23:56:20 -0700 (PDT)
Return-Path: <[email protected]>
Received: from nm41-vm4.bullet.mail.ne1.yahoo.com (nm41-vm4.bullet.mail.ne1.yahoo.com. [98.138.120.220])
        by mx.google.com with ESMTPS id l13si14092764igt.31.2013.06.17.23.56.20
        for <[email protected]>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Mon, 17 Jun 2013 23:56:20 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of [email protected] designates 98.138.120.220 as permitted sender) client-ip=98.138.120.220;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of [email protected] designates 98.138.120.220 as permitted sender) [email protected];
       dkim=pass [email protected]
Received: from [98.138.90.51] by nm41.bullet.mail.ne1.yahoo.com with NNFMP; 18 Jun 2013 06:56:20 -0000
Received: from [98.138.226.169] by tm4.bullet.mail.ne1.yahoo.com with NNFMP; 18 Jun 2013 06:56:20 -0000
Received: from [127.0.0.1] by omp1070.mail.ne1.yahoo.com with NNFMP; 18 Jun 2013 06:56:20 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
Received: (qmail 91727 invoked by uid 60001); 18 Jun 2013 06:56:20 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1371538580; bh=liTWktiapaLjHdw+2TpVo5Asxk4qjy0W+vRDynxa69M=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:MIME-Version:Content-Type; b=EYqUn7pMwJj5u38emYJUabh5GdDtZpb+5fc+seNp2LSGLoyH5b7H4Xi5s4VnsgGMV9quc/+eCX4MRGdE3vT0BNX2TtZGZFLmjWleroLYEiv9Qkn2ydReRdtQrCAoXlfje4LZJx5TRthkxyH5j6b0EZpt1l72ZJUjtjEB/ddpz3M=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.com;
  h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:MIME-Version:Content-Type;
  b=iJgA5kie62DmC4ZZKFHeIMStlbIEzfaGtdgMMcl3QSe9kEJB5yN+qMreDiaq4ZNwtxbGin13osmOGAKubmel9J4Z9p2PaWePYPbLB9092i1xPJIMHMl4QVZWogox5JWuaNGxD3R1YkBrUNFUl7StxywuUsPx6g1Ogsqmi5qy4c4=;
X-YMail-OSG: PrPru38VM1l9Vh.ARg8RlM27WxEx8CScPDJBiGPJviw8Ik6
 LPTA7jMAMP5wTi4lPDcQrSWfGGKkNf5r_gjNI_y1MoJXzaVtVYaALubMukxN
 BxWN9AiMb._7CNZNutAya549ZVjpN4Y8nD0HE8SuMKRT19wFjzyKxYJ1Wuzb
 KEetveoHoA.7h9Z4NmBod6v1PjYTKpekiZsp7iZ0UnTNCDyzS6O4AfzwZelw
 e2yXyk4lqu2KO0.IUq4rxedGZBFCZpfrKmOAOXGAo.aAcYDTn5uPMK6RvnTo
 TRcMa9qxA_hivYMgJ.WS3nw4vVP1B5dWgw.78hkphwW2ZG4_PtOiOAd963JH
 3NElG0aTlqrTkXJMka2fGyA4Q347aEtbR.wlrHiidyjhH2DANRuZVWFGvs23
 uiw7Rz5UzfBpvxOqFU02JZGPT.Z0Z82rUa_InzuvDAh38RvNVDkTU50WyHKa
 NwdmeW27StXE_JPUNWWIscOrFNRMRsGf_e7aD6TGBChWjcc8vmEC_VQVt4Jx
 QckpYdz9cjw--
Received: from [24.224.133.144] by web126202.mail.ne1.yahoo.com via HTTP; Mon, 17 Jun 2013 23:56:19 PDT
X-Rocket-MIMEInfo: 002.001,CmkNCg0KDQpJIGtub3cgeW91ICYgeW91ciBsaWZlLCBjaXJjbGUgb2YgZnJpZW5kcywgZXRjIHRoZXJlZm9yZSwgSSBvbmx5IHNlZSBpdCBmYWlyIHlvdSBzaG91bGQga25vdyB5b3VyIGxpZmUgaXMgYSBnYW1lIGFuZCB5b3UncmUgc2FkbHkgYmVpbmcgcGxheWVkISBTZXJpb3VzbHkgbWFkZSBhIGZvb2wgb2YuIEV2ZXJ5b25lIHlvdSBrbm93LCBrbm93cyB0aGF0IEFubmEsIEFubmllIHdoYXRldmVyIHlvdSBjYWxsIHlvdXIgb2xkIHJvb21tYXRlLiBNZWV0IHlvdXIgaGFzYmFuZCB3aGVuIHNoZSB3YXMgYSABMAEBAQE-
X-Mailer: YahooMailWebService/0.8.147.553
Message-ID: <1371538579.88210.BPMail_high_noncarrier@web126202.mail.ne1.yahoo.com>
Date: Mon, 17 Jun 2013 23:56:19 -0700 (PDT)
From: Jewels Brooks Hunter <[email protected]>
Subject: you need to jnow your life is a LIE
To: [email protected], [email protected], [email protected],
  [email protected]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Esempio 2: 

Delivered-To: [email protected]
Received: by 10.60.17.1 with SMTP id k1csp74699oed;
        Mon, 17 Jun 2013 23:56:20 -0700 (PDT)
X-Received: by 10.50.7.1 with SMTP id f1mr461112iga.48.1371538580627;
        Mon, 17 Jun 2013 23:56:20 -0700 (PDT)
Return-Path: <[email protected]>
Received: from nm41-vm4.bullet.mail.ne1.yahoo.com (nm41-vm4.bullet.mail.ne1.yahoo.com. [98.138.120.220])
        by mx.google.com with ESMTPS id l13si14092764igt.31.2013.06.17.23.56.20
        for <[email protected]>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Mon, 17 Jun 2013 23:56:20 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of [email protected] designates 98.138.120.220 as permitted sender) client-ip=98.138.120.220;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of [email protected] designates 98.138.120.220 as permitted sender) [email protected];
       dkim=pass [email protected]
Received: from [98.138.90.51] by nm41.bullet.mail.ne1.yahoo.com with NNFMP; 18 Jun 2013 06:56:20 -0000
Received: from [98.138.226.169] by tm4.bullet.mail.ne1.yahoo.com with NNFMP; 18 Jun 2013 06:56:20 -0000
Received: from [127.0.0.1] by omp1070.mail.ne1.yahoo.com with NNFMP; 18 Jun 2013 06:56:20 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
Received: (qmail 91727 invoked by uid 60001); 18 Jun 2013 06:56:20 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1371538580; bh=liTWktiapaLjHdw+2TpVo5Asxk4qjy0W+vRDynxa69M=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:MIME-Version:Content-Type; b=EYqUn7pMwJj5u38emYJUabh5GdDtZpb+5fc+seNp2LSGLoyH5b7H4Xi5s4VnsgGMV9quc/+eCX4MRGdE3vT0BNX2TtZGZFLmjWleroLYEiv9Qkn2ydReRdtQrCAoXlfje4LZJx5TRthkxyH5j6b0EZpt1l72ZJUjtjEB/ddpz3M=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.com;
  h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:MIME-Version:Content-Type;
  b=iJgA5kie62DmC4ZZKFHeIMStlbIEzfaGtdgMMcl3QSe9kEJB5yN+qMreDiaq4ZNwtxbGin13osmOGAKubmel9J4Z9p2PaWePYPbLB9092i1xPJIMHMl4QVZWogox5JWuaNGxD3R1YkBrUNFUl7StxywuUsPx6g1Ogsqmi5qy4c4=;
X-YMail-OSG: PrPru38VM1l9Vh.ARg8RlM27WxEx8CScPDJBiGPJviw8Ik6
 LPTA7jMAMP5wTi4lPDcQrSWfGGKkNf5r_gjNI_y1MoJXzaVtVYaALubMukxN
 BxWN9AiMb._7CNZNutAya549ZVjpN4Y8nD0HE8SuMKRT19wFjzyKxYJ1Wuzb
 KEetveoHoA.7h9Z4NmBod6v1PjYTKpekiZsp7iZ0UnTNCDyzS6O4AfzwZelw
 e2yXyk4lqu2KO0.IUq4rxedGZBFCZpfrKmOAOXGAo.aAcYDTn5uPMK6RvnTo
 TRcMa9qxA_hivYMgJ.WS3nw4vVP1B5dWgw.78hkphwW2ZG4_PtOiOAd963JH
 3NElG0aTlqrTkXJMka2fGyA4Q347aEtbR.wlrHiidyjhH2DANRuZVWFGvs23
 uiw7Rz5UzfBpvxOqFU02JZGPT.Z0Z82rUa_InzuvDAh38RvNVDkTU50WyHKa
 NwdmeW27StXE_JPUNWWIscOrFNRMRsGf_e7aD6TGBChWjcc8vmEC_VQVt4Jx
 QckpYdz9cjw--
Received: from [24.224.133.144] by web126202.mail.ne1.yahoo.com via HTTP; Mon, 17 Jun 2013 23:56:19 PDT
X-Rocket-MIMEInfo: 002.001,CmkNCg0KDQpJIGtub3cgeW91ICYgeW91ciBsaWZlLCBjaXJjbGUgb2YgZnJpZW5kcywgZXRjIHRoZXJlZm9yZSwgSSBvbmx5IHNlZSBpdCBmYWlyIHlvdSBzaG91bGQga25vdyB5b3VyIGxpZmUgaXMgYSBnYW1lIGFuZCB5b3UncmUgc2FkbHkgYmVpbmcgcGxheWVkISBTZXJpb3VzbHkgbWFkZSBhIGZvb2wgb2YuIEV2ZXJ5b25lIHlvdSBrbm93LCBrbm93cyB0aGF0IEFubmEsIEFubmllIHdoYXRldmVyIHlvdSBjYWxsIHlvdXIgb2xkIHJvb21tYXRlLiBNZWV0IHlvdXIgaGFzYmFuZCB3aGVuIHNoZSB3YXMgYSABMAEBAQE-
X-Mailer: YahooMailWebService/0.8.147.553
Message-ID: <1371538579.88210.BPMail_high_noncarrier@web126202.mail.ne1.yahoo.com>
Date: Mon, 17 Jun 2013 23:56:19 -0700 (PDT)
From: Jewels Brooks Hunter <[email protected]>
Subject: you need to jnow your life is a LIE
To: [email protected], [email protected], [email protected],
  [email protected]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
    
posta user28244 13.07.2013 - 20:14
fonte

1 risposta

1

Wow, quella formattazione mi fa male al cervello. :)

Ci sono due risposte che ho per te. Il primo è che non ti puoi fidare di nulla dopo il tuo proprio scambiatore di posta. In tal caso, direi: 

Delivered-To: [email protected]
Received: by 10.60.17.1 with SMTP id k1csp74699oed; 
Mon, 17 Jun 2013 23:56:20 -0700 (PDT)
X-Received: by 10.50.7.1 with SMTP id f1mr461112iga.48.1371538580627; 
Mon, 17 Jun 2013 23:56:20 -0700 (PDT) Return-Path: 
Received: from nm41-vm4.bullet.mail.ne1.yahoo.com (nm41-vm4.bullet.mail.ne1.yahoo.com. [98.138.120.220]) by mx.google.com

Quindi, la mia prima risposta è che venne sicuramente da Yahoo. Se assumiamo che possiamo fidarci di tutte le intestazioni, la risposta diventa: 

Received: from [24.224.133.144] by web126202.mail.ne1.yahoo.com via HTTP; Mon, 17 Jun 2013 23:56:19 PDT X-Rocket-MIMEInfo:

Quindi, 24.224.133.144.

Lo stesso vale per il secondo messaggio.

    
risposta data 13.07.2013 - 20:24
fonte

Leggi altre domande sui tag

Un oggetto particolare può essere rilevato ed estratto dalla RAM? [chiuso] Quale rete cellulare viene utilizzata per il recupero di furti di automobili? Può essere utilizzato per PC e dispositivi mobili?