This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Dúnadh an snáithe seo agus cuireadh sa chartlann é. Cuir ceist nua má tá cabhair uait.

How to find the origin of an email sent to you?

  • 2 fhreagra
  • 1 leis an bhfadhb seo
  • 1 view
  • Freagra is déanaí ó Matt

more options

Here is the contents of an email address (From) that was sent to me.

Received: from uuc-epost001.user.uu.se (130.238.3.11) by

uuc-epost005.user.uu.se (130.238.3.15) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id
15.1.1591.10 via Mailbox Transport; Wed, 23 Jan 2019 12:25:43 +0100

Received: from uuc-epost004.user.uu.se (130.238.3.14) by

uuc-epost001.user.uu.se (130.238.3.11) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id
15.1.1591.10; Wed, 23 Jan 2019 12:25:43 +0100

Received: from lyra.its.uu.se (130.238.7.73) by smtp.user.uu.se (130.238.3.9)

with Microsoft SMTP Server (version=TLS1_0,
cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.1591.10 via Frontend Transport;
Wed, 23 Jan 2019 12:25:43 +0100

Received: from e-mailfilter03.sunet.se (e-mailfilter03.sunet.se [192.36.171.203]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by lyra.its.uu.se (Postfix) with ESMTPS id B9F7038EC4 for <vs@it.uu.se>; Wed, 23 Jan 2019 12:25:42 +0100 (CET) Received: from ln-static-139-255-66-35.link.net.id (ln-static-139-255-66-35.link.net.id [139.255.66.35] (may be forged)) by e-mailfilter03.sunet.se (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id x0NBPTWY095758 for <vs@it.uu.se>; Wed, 23 Jan 2019 12:25:35 +0100 Message-ID: <7B6643204D5E052E331675180B507B66@it.uu.se> From: <vs@it.uu.se> To: <vs@it.uu.se> Subject: =?utf-8?B?YnLDpWRza2FuZGUgbWVkZGVsYW5kZW4gZnLDpW4gc8Oka2VyaGV0c3Rqw6Ruc3Rlbi4=?= Date: Thu, 24 Jan 2019 00:26:33 +0600 Content-Type: multipart/alternative; boundary="---------4393220674707370" X-Mailer: Wklslmt lhlflja 7.1 X-Bayes-Prob: 0.9999 (Score 5, tokens from: vs@it.uu.se, uu-se:default, base:default, @@RPTN) Precedence: bulk X-Auto-Response-Suppress: All Auto-Submitted: x-no-autoresponse-please X-Spam-Flag: YES X-CanIt-Incident-Id: 0bXrLpuAx X-Spam-Score: 32.48 (********************) [Tag at 6.30] CK_HELO_GENERIC:0.001,DATE_IN_FUTURE_06_12:0.001,HTML_MESSAGE:0.001,NO_FM_NAME_IP_HOSTN:2.5,RDNS_NONE:1.274,SPF(softfail:1),DKIM(none:0),CC(ID:0.2),RBL(spamhaus:3.0),RBL(rp-dict:1.5),RBL(rp-spam:3.0),Bayes(0.9999:5.0),C3312(15) X-p0f-Info: os=Windows 7 or 8, link=Ethernet or modem X-CanIt-Geo: ip=139.255.66.35; country=ID; region=Jakarta; city=Jakarta; latitude=-6.1744; longitude=106.8294; http://maps.google.com/maps?q=-6.1744,106.8294&z=6 X-CanItPRO-Stream: uu-se:vs@it.uu.se (inherits from uu-se:default,base:default) X-Canit-Stats-ID: 0bXrLpuAx - d2c00e63191b - 20190123 (trained as spam) X-Antispam-Training-Forget: https://mailfilter.sunet.se/canit/b.php?c=f&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-Antispam-Training-Nonspam: https://mailfilter.sunet.se/canit/b.php?c=n&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-Antispam-Training-Phish: https://mailfilter.sunet.se/canit/b.php?c=p&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-Antispam-Training-Spam: https://mailfilter.sunet.se/canit/b.php?c=s&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw Received-SPF: softfail (e-mailfilter03.sunet.se: domain of vs@it.uu.se does not designate 139.255.66.35 as permitted sender) receiver=e-mailfilter03.sunet.se; client-ip=139.255.66.35; envelope-from=<vs@it.uu.se>; helo=ln-static-139-255-66-35.link.net.id; identity=mailfrom X-Scanned-By: CanIt (www . roaringpenguin . com) on 192.36.171.203 Return-Path: virgil.stokes@it.uu.se X-MS-Exchange-Organization-Network-Message-Id: 4c6a8d0e-ee3a-456a-ee57-08d681258337 X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 X-MS-Exchange-Organization-SCL: 9 X-MS-Exchange-Organization-AuthSource: uuc-epost004.user.uu.se X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.2142993 X-MS-Exchange-Processed-By-BccFoldering: 15.01.1591.012 MIME-Version: 1.0

The email contains terrible text and shows that it was sent by me --- which is not true. How can I stop this imposter from sending emails to me?

Here is the contents of an email address (From) that was sent to me. Received: from uuc-epost001.user.uu.se (130.238.3.11) by uuc-epost005.user.uu.se (130.238.3.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1591.10 via Mailbox Transport; Wed, 23 Jan 2019 12:25:43 +0100 Received: from uuc-epost004.user.uu.se (130.238.3.14) by uuc-epost001.user.uu.se (130.238.3.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1591.10; Wed, 23 Jan 2019 12:25:43 +0100 Received: from lyra.its.uu.se (130.238.7.73) by smtp.user.uu.se (130.238.3.9) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.1591.10 via Frontend Transport; Wed, 23 Jan 2019 12:25:43 +0100 Received: from e-mailfilter03.sunet.se (e-mailfilter03.sunet.se [192.36.171.203]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by lyra.its.uu.se (Postfix) with ESMTPS id B9F7038EC4 for <vs@it.uu.se>; Wed, 23 Jan 2019 12:25:42 +0100 (CET) Received: from ln-static-139-255-66-35.link.net.id (ln-static-139-255-66-35.link.net.id [139.255.66.35] (may be forged)) by e-mailfilter03.sunet.se (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id x0NBPTWY095758 for <vs@it.uu.se>; Wed, 23 Jan 2019 12:25:35 +0100 Message-ID: <7B6643204D5E052E331675180B507B66@it.uu.se> From: <vs@it.uu.se> To: <vs@it.uu.se> Subject: =?utf-8?B?YnLDpWRza2FuZGUgbWVkZGVsYW5kZW4gZnLDpW4gc8Oka2VyaGV0c3Rqw6Ruc3Rlbi4=?= Date: Thu, 24 Jan 2019 00:26:33 +0600 Content-Type: multipart/alternative; boundary="---------4393220674707370" X-Mailer: Wklslmt lhlflja 7.1 X-Bayes-Prob: 0.9999 (Score 5, tokens from: vs@it.uu.se, uu-se:default, base:default, @@RPTN) Precedence: bulk X-Auto-Response-Suppress: All Auto-Submitted: x-no-autoresponse-please X-Spam-Flag: YES X-CanIt-Incident-Id: 0bXrLpuAx X-Spam-Score: 32.48 (********************) [Tag at 6.30] CK_HELO_GENERIC:0.001,DATE_IN_FUTURE_06_12:0.001,HTML_MESSAGE:0.001,NO_FM_NAME_IP_HOSTN:2.5,RDNS_NONE:1.274,SPF(softfail:1),DKIM(none:0),CC(ID:0.2),RBL(spamhaus:3.0),RBL(rp-dict:1.5),RBL(rp-spam:3.0),Bayes(0.9999:5.0),C3312(15) X-p0f-Info: os=Windows 7 or 8, link=Ethernet or modem X-CanIt-Geo: ip=139.255.66.35; country=ID; region=Jakarta; city=Jakarta; latitude=-6.1744; longitude=106.8294; http://maps.google.com/maps?q=-6.1744,106.8294&z=6 X-CanItPRO-Stream: uu-se:vs@it.uu.se (inherits from uu-se:default,base:default) X-Canit-Stats-ID: 0bXrLpuAx - d2c00e63191b - 20190123 (trained as spam) X-Antispam-Training-Forget: https://mailfilter.sunet.se/canit/b.php?c=f&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-Antispam-Training-Nonspam: https://mailfilter.sunet.se/canit/b.php?c=n&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-Antispam-Training-Phish: https://mailfilter.sunet.se/canit/b.php?c=p&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-Antispam-Training-Spam: https://mailfilter.sunet.se/canit/b.php?c=s&i=0bXrLpuAx&m=d2c00e63191b&rlm=uu-se&t=20190123 X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw Received-SPF: softfail (e-mailfilter03.sunet.se: domain of vs@it.uu.se does not designate 139.255.66.35 as permitted sender) receiver=e-mailfilter03.sunet.se; client-ip=139.255.66.35; envelope-from=<vs@it.uu.se>; helo=ln-static-139-255-66-35.link.net.id; identity=mailfrom X-Scanned-By: CanIt (www . roaringpenguin . com) on 192.36.171.203 Return-Path: virgil.stokes@it.uu.se X-MS-Exchange-Organization-Network-Message-Id: 4c6a8d0e-ee3a-456a-ee57-08d681258337 X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 X-MS-Exchange-Organization-SCL: 9 X-MS-Exchange-Organization-AuthSource: uuc-epost004.user.uu.se X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.2142993 X-MS-Exchange-Processed-By-BccFoldering: 15.01.1591.012 MIME-Version: 1.0 The email contains terrible text and shows that it was sent by me --- which is not true. How can I stop this imposter from sending emails to me?

All Replies (2)

more options

I was able to extract the following information on the sender:

IP: 139.255.66.35 Decimal: 2348761635 Hostname: ln-static-139-255-66-35.link.net.id ASN: 9905 ISP: FirstMedia Organization: Linknet Services: None detected Type: Broadband Assignment: Static IP Blacklist: Continent: Asia Country: Indonesia id flag State/Region: Jakarta City: Jakarta Latitude: -6.1744 (6° 10′ 27.84″ S) Longitude: 106.8294 (106° 49′ 45.84″ E)

This person is threating installation of a virus on my system, unless I pay him/her in a large number of bitcoins. How can this sender be blocked from sending email, or blacklisted?

Athraithe ag virsto ar

more options

This is identical to your other topic here https://support.mozilla.org/en-US/questions/1247622 So I will close this. I have no intention of fielding duplicate questions from the same person.