Viewing E-mail Headers


Spammers and scammers who operate by e-mail can sometimes be traced by examining the header of the e-mail.

How to view e-mail headers in Gmail

  • Read the e-mail as usual
  • Look at the menu 'Reply | Reply to all | Forward | Print | Delete | Show original'
  • Click Show original
  • The important information is at the beginning of the header, especially the first Received: entry and From:


Example e-mail header from a spammer

From adamu_camilu@hotmail.fr  Thu May  6 04:53:26 2010
Return-Path: <adamu_camilu@hotmail.fr>
X-Original-To: onno@localhost
Delivered-To: onno@localhost
Received: from sekolah.sch.id (localhost [127.0.0.1])
	by sekolah.sch.id (Postfix) with ESMTP id 96E377F6BD 
	for <onno@localhost>; Thu,  6 May 2010 04:53:26 +0700 (WIT)
Delivered-To: onno@pop-qmail.indo.net.id
Received: from 202.159.32.71 [202.159.32.71]
	by sekolah.sch.id with POP3 (fetchmail-6.3.9-rc2)
	for <onno@localhost> (single-drop); Thu, 06 May 2010 04:53:26 +0700 (WIT)
Received: (qmail 7976 invoked from network); 5 May 2010 23:12:54 +0700
Received: from unknown (HELO sv-2.indo.net.id) (202.159.33.44)
  by pop-qmail.indo.net.id with SMTP; 5 May 2010 23:12:54 +0700
Received: (qmail 27677 invoked by alias); 5 May 2010 23:09:48 +0700
Delivered-To: onno+indo.net.id@sv-2.indo.net.id
Received: (qmail 27673 invoked from network); 5 May 2010 23:09:48 +0700
Received: by simscan 1.4.0 ppid: 27661, pid: 27671, t: 0.0225s
         scanners:none
Received: from unknown (HELO mailgate.indo.net.id) (202.159.32.57)
  by sv-2.indo.net.id with SMTP; 5 May 2010 23:09:48 +0700
Received: (qmail 19650 invoked by alias); 5 May 2010 23:12:51 +0700
Delivered-To: onno@indo.net.id
Received: (qmail 19646 invoked from network); 5 May 2010 23:12:51 +0700
Received: from mx-2.indo.net.id (202.159.32.37)
  by mailgate.indo.net.id with SMTP; 5 May 2010 23:12:51 +0700
Received: from web114619.mail.gq1.yahoo.com (web114619.mail.gq1.yahoo.com [98.136.183.100])
	by mx-2.indo.net.id (Postfix) with SMTP id AF1E862A31
	for <onno@indo.net.id>; Wed,  5 May 2010 23:02:37 +0700 (WIT)
Received: (qmail 26611 invoked by uid 60001); 5 May 2010 16:12:48 -0000
Message-ID: <407664.26488.qm@web114619.mail.gq1.yahoo.com>
X-YMail-OSG: bA6hhKgVM1lDlibtRsQBJJ_dp0rX6odXok_iZX5nZ7L.xoU
 Ky7lg0w9kqo.7HLVU16QZXzKwTPpSZR17MwcfclnQEJeru.h7QxjnqNCZlYL
 HVGTdxoSC.AIM54fWsnbCAgQrJkNQGY43MELpP_AYHp0Pwhl_iAtijDIjs1U
 sZ0L4CmFaDXZ7qJO_vhpZswT.CYM1RkF9vSb31OLSxD28tDv_0Gpvti_Vgnq
 1O9JUMGS2uqbbCU_jp.f9v2aYpo4lFyJKC0lJkESaTJcxxUHavekFdOnzciI
 s3OzimSnq_yWKNJGDXRNsSjrpEcMErZi49LSal8G.yUeZytVrzaW89BaaURq
 am09FOYd4XhxmtAyrr2.7z5NKHXYJZh8AclubjQxl3IeeUgTwDMMAuBfSvW2
 bFhl7rFsvvj012iU2WnZ0HACJOWEl8ELvszm5s6AUe7Ovk8h3oj4FUi3Wer8
 POFcwzR5BOaaNcJlOBjhgq_oUpDUuXksJwNQydBhPTPP66t9oUMvsEtcX0Ri
 xZm.fXq9nu4yVDkUqLwMI3PXIRst72Lv3GzqSsjVwNftVdOUgG2qJnuUAtCt
 .v5S0sM2Ss7HJxv3K1g2e689VcSBqCb4_dLtPI1C2Wfovp4WwnkrqeH84tuG
 R1N9oIeTBk25_JmIrQgDWassQmmr5megcnoEof.4FvqakGIYCgajbnmqKOgo
 J0NbnOPjIg9xmkuymiaIS2KkmAsyEIfNifRX14SjwbkXIUvytxGaWDUsUctN
 GmNnuZvZeWjddIRyQFqOntR7Ieq4ioqpYc4Xzo2TbwYzLxa0t3YWHVov8gRM
 HVUlHkUCayPp0OyZ.U9XusEpNLF5e.kWwTyvnUW29GCLrS6fRKX.jpwEjPaQ
 AP7Ps3_HhPPHWbo3kz9I6CbedjpOzj2Y4N2CwGVSIIT51ta_IMOHVmlUwZPN
 hVci4yx5F96sdbEAuyIH5SSPqW3fxxPAfa.kmc7kxe5Elr9GyGMPYXwHYgXo
 0fcLu8zhneYGiRwJ_s0CDTR2RYlymtN1akKxJMruhWsUEqMhKp7OcQvk9g2Q
 BHLugNYX7b.4Z3butNCWb7EdhHIawm70M_VyPwMLJNhM4MAGgaJswzckr3oq
 j2n8aKrhaaGhDGa8mbDZOj3VJs0ATbf5Ks.kO27V_u5vquyIjNEOULIQnfmX
 rr2WOL87yDf87I_upMkX2TKXiPexAOrS1Zv2oYkokN4.JzGR0BXfGDuNWddl
 dYp9fA7maf40.r1ZCmOOqOBUbVuagrt4xDX4igD4-
Received: from [212.52.148.109] by web114619.mail.gq1.yahoo.com via HTTP; Wed, 05 May 2010 09:12:48 PDT
X-RocketYMMF: mradamucamilu
X-Mailer: YahooMailClassic/10.1.11 YahooMailWebService/0.8.103.269680
Date: Wed, 5 May 2010 09:12:48 -0700 (PDT)
From: Mr Adamu Camilu <adamu_camilu@hotmail.fr>
Reply-To: adamu_camilu@hotmail.fr
Subject: From The Desk of Mr Adamu Camilu
To: undisclosed recipients: ;
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-1027477663-1273075968=:26488"
X-Spam-Tests: multi.surbl.org:OK,multi.uribl.com:OK
Status: O
X-Status: 
X-Keywords:                  
X-UID: 1


Look at the first Received: entry, which is the one at the very bottom, and at From:. They show that

  • The sender's IP address is: 212.52.148.109
  • The sender's e-mail address is: Mr Adamu Camilu <adamu_camilu@hotmail.fr>

Although this e-mail address is often forged, it is still a usable reference point for a complaint.

Running the whois command on Linux shows that IP address 212.52.148.109 originates from Africa. We can follow up with http://www.afrinic.net to pursue / block the abusive user.
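
The same lookup done by a script, as an added example that is not part of the original page: it walks the Received: lines from the bottom up and returns the first public source IP together with the From: address. The function names and the shortened sample header are constructed for this illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from ipaddress import ip_address

# Constructed sample: the header shown above, cut down to its last hops.
SAMPLE = """\
Received: from mx-2.indo.net.id (202.159.32.37)
  by mailgate.indo.net.id with SMTP; 5 May 2010 23:12:51 +0700
Received: from web114619.mail.gq1.yahoo.com (web114619.mail.gq1.yahoo.com [98.136.183.100])
  by mx-2.indo.net.id (Postfix) with SMTP id AF1E862A31
  for <onno@indo.net.id>; Wed,  5 May 2010 23:02:37 +0700 (WIT)
Received: (qmail 26611 invoked by uid 60001); 5 May 2010 16:12:48 -0000
Received: from [212.52.148.109] by web114619.mail.gq1.yahoo.com via HTTP; Wed, 05 May 2010 09:12:48 PDT
From: Mr Adamu Camilu <adamu_camilu@hotmail.fr>

(body omitted)
"""

# An IPv4 address in [] or () inside the "from ..." clause of a Received: line.
IP_RE = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")

def received_hops(raw):
    """Return [(source_ip_or_None, header_text)] in header order (newest hop first)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        text = " ".join(value.split())          # undo header folding
        # qmail bookkeeping lines ("(qmail ... invoked ...)") have no from-clause
        clause = text.split(" by ", 1)[0] if text.startswith("from ") else ""
        match = IP_RE.search(clause)
        hops.append((match.group(1) if match else None, text))
    return hops

def origin(raw):
    """Return (ip, from_address): the bottom-most hop with a public source IP."""
    sender = parseaddr(message_from_string(raw).get("From", ""))[1]
    for ip, _ in reversed(received_hops(raw)):  # bottom of the header = first hop
        try:
            if ip and ip_address(ip).is_global:  # skip 127.0.0.1, private ranges
                return ip, sender
        except ValueError:                       # e.g. "999.1.1.1": not an address
            continue
    return None, sender

if __name__ == "__main__":
    print(origin(SAMPLE))
```

The returned IP is the value to pass to whois. Only Received: lines added by servers you trust are reliable, since a sender can insert forged ones below them.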


