まずは受信した日時を見てみます。
私がいつも楽しみにしているEメール(ダイレクトメール)も
これくらい送ってくれれば有難いのですが
その人達や企業は常識的なので
このようなメール送信はしません。
こんなクズメール要らんわ。
IBM Developer Works
NUODB
VOLTDB
アメリカの日系人フュージョンバンド Hiroshima
地元兵庫県のFM放送局、KISS-FM
日経のIT関係のメルマガ全て。
株式会社 Oracle のデータベースに関するメールや Oracle Linux のメールとか。
実は私、メールは毎日たくさん読んでいるのであります。
なのでクズメールはうっとうしいのであります。
他人の日常生活の邪魔をするなよ。
クズメールの発信元さんよ。
2016年9月25日日曜日 14:13
2016年9月25日日曜日 13:41
2016年9月25日日曜日 13:13
2016年9月25日日曜日 12:13
2016年9月25日日曜日 11:13
2016年9月25日日曜日 10:13
2016年9月25日日曜日 9:13
2016年9月25日日曜日 7:41
2016年9月25日日曜日 7:13
2016年9月25日日曜日 6:14
2016年9月24日土曜日 20:41
2016年9月24日土曜日 20:14
2016年9月24日土曜日 19:41
2016年9月24日土曜日 19:13
2016年9月24日土曜日 18:13
2016年9月24日土曜日 17:13
2016年9月24日土曜日 15:13
2016年9月24日土曜日 14:41
2016年9月24日土曜日 14:13
2016年9月24日土曜日 13:41
2016年9月24日土曜日 13:13
2016年9月24日土曜日 11:13
2016年9月24日土曜日 10:41
2016年9月24日土曜日 9:44
2016年9月24日土曜日 9:13
2016年9月24日土曜日 8:14
2016年9月24日土曜日 7:43
2016年9月24日土曜日 7:14
2016年9月24日土曜日 6:15
次にメールヘッダーの ReturnPath を調べます。
メールヘッダーについては、こちらの説明がわかりわすいです。
メールヘッダの情報、意味、調べ方
linux:~ # nslookup > server 8.8.8.8 Default server: 8.8.8.8 Address: 8.8.8.8#53 > 3gne15a-57ikpeg-v21aw6x.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: 3gne15a-57ikpeg-v21aw6x.com Address: 158.199.124.8 > ur2sf9a-sme.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: ur2sf9a-sme.com Address: 158.199.125.99 > o0pnryi-up4.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: o0pnryi-up4.com Address: 158.199.125.100 > nzq9b03-n1l.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: nzq9b03-n1l.com Address: 158.199.125.97 > l78x91p-c42.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: l78x91p-c42.com Address: 158.199.125.96 > gwsj923-20k02nw-l2u9dj2.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: gwsj923-20k02nw-l2u9dj2.com Address: 158.199.124.17 > qdn867y-ldh.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: qdn867y-ldh.com Address: 158.199.125.112 > yd6vrua-40h.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: yd6vrua-40h.com Address: 158.199.125.103 > 0bep9f6-65s.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: 0bep9f6-65s.com Address: 158.199.125.118 > jfeebql-rxx.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: jfeebql-rxx.com Address: 158.199.124.9 > y265ovm-eea.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: y265ovm-eea.com Address: 158.199.125.123 > y265ovm-eea.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: y265ovm-eea.com Address: 158.199.125.123 > vw0mcp8-wlt.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: vw0mcp8-wlt.com Address: 158.199.125.115 > acs0awy-6ro.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: acs0awy-6ro.com Address: 158.199.124.20 > jgn9ja8onqq.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: jgn9ja8onqq.com Address: 23.253.164.103 Name: jgn9ja8onqq.com Address: 192.64.147.141 > w6ylm98-7k4.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: w6ylm98-7k4.com Address: 158.199.125.99 > evs3bx4-4iexrk8-v1py3a.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: evs3bx4-4iexrk8-v1py3a.com Address: 158.199.125.109 > inrippn7kgi.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: inrippn7kgi.com Address: 23.253.164.103 Name: inrippn7kgi.com Address: 192.64.147.141 > inrippn7kgi.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: inrippn7kgi.com Address: 192.64.147.141 Name: inrippn7kgi.com Address: 23.253.164.103 > mekonn7yzae.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: mekonn7yzae.com Address: 23.253.164.103 Name: mekonn7yzae.com Address: 192.64.147.141 > 3fgwxwgdllk.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: 3fgwxwgdllk.com Address: 192.64.147.141 Name: 3fgwxwgdllk.com Address: 23.253.164.103 > yhxussr1pn7.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: yhxussr1pn7.com Address: 23.253.164.103 Name: yhxussr1pn7.com Address: 192.64.147.141 > wd8hwfz-xob.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: wd8hwfz-xob.com Address: 158.199.124.14 > ew8tpye8rn4.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: ew8tpye8rn4.com Address: 23.253.164.103 Name: ew8tpye8rn4.com Address: 192.64.147.141 > 2xhrdjk32dj.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: 2xhrdjk32dj.com Address: 192.64.147.141 Name: 2xhrdjk32dj.com Address: 23.253.164.103 > xqkh6vwo3wt.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: xqkh6vwo3wt.com Address: 23.253.164.103 Name: xqkh6vwo3wt.com Address: 192.64.147.141 > czt29qs2diz.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: czt29qs2diz.com Address: 23.253.164.103 Name: czt29qs2diz.com Address: 192.64.147.141 > w6jmfqo-t06.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: w6jmfqo-t06.com Address: 158.199.124.13 > xacj5wm-nfs.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: xacj5wm-nfs.com Address: 158.199.125.100 > exit linux:~ #
IPアドレスを昇順に並び替えてみます。
158.199.124.13
158.199.124.14
158.199.124.17
158.199.124.20
158.199.124.8
158.199.124.9
158.199.125.100
158.199.125.100
158.199.125.103
158.199.125.109
158.199.125.112
158.199.125.115
158.199.125.118
158.199.125.123
158.199.125.123
158.199.125.96
158.199.125.97
158.199.125.99
158.199.125.99
192.64.147.141
192.64.147.141
192.64.147.141
192.64.147.141
192.64.147.141
192.64.147.141
192.64.147.141
192.64.147.141
192.64.147.141
192.64.147.141
要約します。
158.199.124.8
158.199.124.9
158.199.124.13
158.199.124.14
158.199.124.17
158.199.124.20
158.199.125.96
158.199.125.97
158.199.125.99
158.199.125.100
158.199.125.103
158.199.125.109
158.199.125.112
158.199.125.115
158.199.125.118
158.199.125.123
192.64.147.141
ふむふむ。
Whois IP Look Up してみます。
linux:~ # whois 158.199.124.8 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # https://www.arin.net/public/whoisinaccuracy/index.xhtml # # # The following results may also be obtained via: # https://whois.arin.net/rest/nets;q=158.199.124.8?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2 # NetRange: 158.198.0.0 - 158.215.255.255 CIDR: 158.200.0.0/13, 158.208.0.0/13, 158.198.0.0/15 NetName: APNIC-ERX-158-198-0-0 NetHandle: NET-158-198-0-0-1 Parent: NET158 (NET-158-0-0-0-0) NetType: Early Registrations, Transferred to APNIC OriginAS: Organization: Asia Pacific Network Information Centre (APNIC) RegDate: 2003-10-15 Updated: 2011-03-10 Comment: This IP address range is not registered in the ARIN database. Comment: This range was transferred to the APNIC Whois Database as Comment: part of the ERX (Early Registration Transfer) project. Comment: For details, refer to the APNIC Whois Database via Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl Comment: Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry Comment: for the Asia Pacific region. APNIC does not operate networks Comment: using this IP address range and is not able to investigate Comment: spam or abuse reports relating to these addresses. For more Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming Ref: https://whois.arin.net/rest/net/NET-158-198-0-0-1 ResourceLink: http://wq.apnic.net/whois-search/static/search.html ResourceLink: whois.apnic.net OrgName: Asia Pacific Network Information Centre OrgId: APNIC Address: PO Box 3646 City: South Brisbane StateProv: QLD PostalCode: 4101 Country: AU RegDate: Updated: 2012-01-24 Ref: https://whois.arin.net/rest/org/APNIC ReferralServer: whois://whois.apnic.net ResourceLink: http://wq.apnic.net/whois-search/static/search.html OrgAbuseHandle: AWC12-ARIN OrgAbuseName: APNIC Whois Contact OrgAbusePhone: +61 7 3858 3188 OrgAbuseEmail: search-apnic-not-arin@apnic.net OrgAbuseRef: https://whois.arin.net/rest/poc/AWC12-ARIN OrgTechHandle: AWC12-ARIN OrgTechName: APNIC Whois Contact OrgTechPhone: +61 7 3858 3188 OrgTechEmail: search-apnic-not-arin@apnic.net OrgTechRef: https://whois.arin.net/rest/poc/AWC12-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # https://www.arin.net/public/whoisinaccuracy/index.xhtml # Found a referral to whois.apnic.net. % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '158.198.0.0 - 158.215.255.255' inetnum: 158.198.0.0 - 158.215.255.255 netname: JPNIC-NET-JP-ERX descr: Japan Network Information Center country: JP admin-c: JNIC1-AP tech-c: JNIC1-AP remarks: JPNIC Allocation Block remarks: Authoritative information regarding assignments and remarks: allocations made from within this block can also be remarks: queried at whois.nic.ad.jp. To obtain an English remarks: output query whois -h whois.nic.ad.jp x.x.x.x/e mnt-by: APNIC-HM mnt-lower: MAINT-JPNIC status: ALLOCATED PORTABLE source: APNIC mnt-irt: IRT-JPNIC-JP changed: hostmaster@apnic.net 19920401 changed: hm-changed@apnic.net 20030918 changed: hm-changed@apnic.net 20040926 changed: hm-changed@apnic.net 20050406 irt: IRT-JPNIC-JP address: Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda address: Chiyoda-ku, Tokyo 101-0047, Japan e-mail: hostmaster@nic.ad.jp abuse-mailbox: hostmaster@nic.ad.jp admin-c: JNIC1-AP tech-c: JNIC1-AP auth: # Filtered mnt-by: MAINT-JPNIC changed: abuse@apnic.net 20101108 changed: hm-changed@apnic.net 20101111 changed: ip-apnic@nic.ad.jp 20140702 source: APNIC role: Japan Network Information Center address: Urbannet-Kanda Bldg 4F address: 3-6-2 Uchi-Kanda address: Chiyoda-ku, Tokyo 101-0047,Japan country: JP phone: +81-3-5297-2311 fax-no: +81-3-5297-2312 e-mail: hostmaster@nic.ad.jp admin-c: JI13-AP tech-c: JE53-AP nic-hdl: JNIC1-AP mnt-by: MAINT-JPNIC changed: hm-changed@apnic.net 20041222 changed: hm-changed@apnic.net 20050324 changed: ip-apnic@nic.ad.jp 20051027 changed: ip-apnic@nic.ad.jp 20120828 source: APNIC % Information related to '158.199.124.0 - 158.199.124.63' inetnum: 158.199.124.0 - 158.199.124.63 netname: SERENADE descr: SERENADE,inc country: JP admin-c: JK8049JP tech-c: JK8049JP remarks: This information has been partially mirrored by APNIC from remarks: JPNIC. To obtain more specific information, please use the remarks: JPNIC WHOIS Gateway at remarks: http://www.nic.ad.jp/en/db/whois/en-gateway.html or remarks: whois.nic.ad.jp for WHOIS client. (The WHOIS client remarks: defaults to Japanese output, use the /e switch for English remarks: output) changed: apnic-ftp@nic.ad.jp 20140109 changed: apnic-ftp@nic.ad.jp 20160628 source: JPNIC % This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED) linux:~ # whois 158.199.125.96 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # https://www.arin.net/public/whoisinaccuracy/index.xhtml # # # The following results may also be obtained via: # https://whois.arin.net/rest/nets;q=158.199.125.96?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2 # NetRange: 158.198.0.0 - 158.215.255.255 CIDR: 158.208.0.0/13, 158.200.0.0/13, 158.198.0.0/15 NetName: APNIC-ERX-158-198-0-0 NetHandle: NET-158-198-0-0-1 Parent: NET158 (NET-158-0-0-0-0) NetType: Early Registrations, Transferred to APNIC OriginAS: Organization: Asia Pacific Network Information Centre (APNIC) RegDate: 2003-10-15 Updated: 2011-03-10 Comment: This IP address range is not registered in the ARIN database. Comment: This range was transferred to the APNIC Whois Database as Comment: part of the ERX (Early Registration Transfer) project. Comment: For details, refer to the APNIC Whois Database via Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl Comment: Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry Comment: for the Asia Pacific region. APNIC does not operate networks Comment: using this IP address range and is not able to investigate Comment: spam or abuse reports relating to these addresses. For more Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming Ref: https://whois.arin.net/rest/net/NET-158-198-0-0-1 ResourceLink: http://wq.apnic.net/whois-search/static/search.html ResourceLink: whois.apnic.net OrgName: Asia Pacific Network Information Centre OrgId: APNIC Address: PO Box 3646 City: South Brisbane StateProv: QLD PostalCode: 4101 Country: AU RegDate: Updated: 2012-01-24 Ref: https://whois.arin.net/rest/org/APNIC ReferralServer: whois://whois.apnic.net ResourceLink: http://wq.apnic.net/whois-search/static/search.html OrgTechHandle: AWC12-ARIN OrgTechName: APNIC Whois Contact OrgTechPhone: +61 7 3858 3188 OrgTechEmail: search-apnic-not-arin@apnic.net OrgTechRef: https://whois.arin.net/rest/poc/AWC12-ARIN OrgAbuseHandle: AWC12-ARIN OrgAbuseName: APNIC Whois Contact OrgAbusePhone: +61 7 3858 3188 OrgAbuseEmail: search-apnic-not-arin@apnic.net OrgAbuseRef: https://whois.arin.net/rest/poc/AWC12-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # https://www.arin.net/public/whoisinaccuracy/index.xhtml # Found a referral to whois.apnic.net. % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '158.198.0.0 - 158.215.255.255' inetnum: 158.198.0.0 - 158.215.255.255 netname: JPNIC-NET-JP-ERX descr: Japan Network Information Center country: JP admin-c: JNIC1-AP tech-c: JNIC1-AP remarks: JPNIC Allocation Block remarks: Authoritative information regarding assignments and remarks: allocations made from within this block can also be remarks: queried at whois.nic.ad.jp. To obtain an English remarks: output query whois -h whois.nic.ad.jp x.x.x.x/e mnt-by: APNIC-HM mnt-lower: MAINT-JPNIC status: ALLOCATED PORTABLE source: APNIC mnt-irt: IRT-JPNIC-JP changed: hostmaster@apnic.net 19920401 changed: hm-changed@apnic.net 20030918 changed: hm-changed@apnic.net 20040926 changed: hm-changed@apnic.net 20050406 irt: IRT-JPNIC-JP address: Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda address: Chiyoda-ku, Tokyo 101-0047, Japan e-mail: hostmaster@nic.ad.jp abuse-mailbox: hostmaster@nic.ad.jp admin-c: JNIC1-AP tech-c: JNIC1-AP auth: # Filtered mnt-by: MAINT-JPNIC changed: abuse@apnic.net 20101108 changed: hm-changed@apnic.net 20101111 changed: ip-apnic@nic.ad.jp 20140702 source: APNIC role: Japan Network Information Center address: Urbannet-Kanda Bldg 4F address: 3-6-2 Uchi-Kanda address: Chiyoda-ku, Tokyo 101-0047,Japan country: JP phone: +81-3-5297-2311 fax-no: +81-3-5297-2312 e-mail: hostmaster@nic.ad.jp admin-c: JI13-AP tech-c: JE53-AP nic-hdl: JNIC1-AP mnt-by: MAINT-JPNIC changed: hm-changed@apnic.net 20041222 changed: hm-changed@apnic.net 20050324 changed: ip-apnic@nic.ad.jp 20051027 changed: ip-apnic@nic.ad.jp 20120828 source: APNIC % Information related to '158.199.125.64 - 158.199.125.127' inetnum: 158.199.125.64 - 158.199.125.127 netname: SERENADE descr: SERENADE,inc country: JP admin-c: JK8049JP tech-c: JK8049JP remarks: This information has been partially mirrored by APNIC from remarks: JPNIC. To obtain more specific information, please use the remarks: JPNIC WHOIS Gateway at remarks: http://www.nic.ad.jp/en/db/whois/en-gateway.html or remarks: whois.nic.ad.jp for WHOIS client. (The WHOIS client remarks: defaults to Japanese output, use the /e switch for English remarks: output) changed: apnic-ftp@nic.ad.jp 20140303 changed: apnic-ftp@nic.ad.jp 20160628 source: JPNIC % This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED) linux:~ #
SERENADE,inc などと言うサーバー会社からメールを貰う理由はないぞ。なぁ。もし。
linux:~ # whois 192.64.147.141 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # https://www.arin.net/public/whoisinaccuracy/index.xhtml # # The following results may also be obtained via: # https://whois.arin.net/rest/nets;q=192.64.147.141?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2 # NetRange: 192.64.144.0 - 192.64.151.255 CIDR: 192.64.144.0/21 NetName: VOODOO-1 NetHandle: NET-192-64-144-0-1 Parent: NET192 (NET-192-0-0-0-0) NetType: Direct Assignment OriginAS: AS19867 Organization: Voodoo.com, Inc (VOODO-1) RegDate: 2012-12-18 Updated: 2012-12-18 Comment: http://www.voodoo.com Ref: https://whois.arin.net/rest/net/NET-192-64-144-0-1 OrgName: Voodoo.com, Inc OrgId: VOODO-1 Address: 5461 W. WATERS AVE Address: Suite #908 City: Tampa StateProv: FL PostalCode: 33634 Country: US RegDate: 2012-07-11 Updated: 2012-07-11 Comment: http://www.voodoo.com Ref: https://whois.arin.net/rest/org/VOODO-1 OrgNOCHandle: DAVIS220-ARIN OrgNOCName: Davis, Chris OrgNOCPhone: +1-813-659-5350 OrgNOCEmail: cdavis@voodoo.com OrgNOCRef: https://whois.arin.net/rest/poc/DAVIS220-ARIN OrgAbuseHandle: DAVIS220-ARIN OrgAbuseName: Davis, Chris OrgAbusePhone: +1-813-659-5350 OrgAbuseEmail: cdavis@voodoo.com OrgAbuseRef: https://whois.arin.net/rest/poc/DAVIS220-ARIN OrgTechHandle: DAVIS220-ARIN OrgTechName: Davis, Chris OrgTechPhone: +1-813-659-5350 OrgTechEmail: cdavis@voodoo.com OrgTechRef: https://whois.arin.net/rest/poc/DAVIS220-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # https://www.arin.net/public/whoisinaccuracy/index.xhtml # linux:~ #
Voodoo.com からメールを送ってもらう理由はないぞ。なぁ。もし。
メールの内容の関連性を見ると
アメリカのサーバー会社を使ったとしても
SERENADE,inc との関連性は否定できないぞなぁ。
SERENADE,inc って一体何なんだ?