Originally Posted by A.Serbinski
to track down the owner of the originating ip address.
Which are, with 99,9999% certainty, spambots and change at least daily, if not hourly. And end result: You may get couple ISPs to close the infected user's account and have wasted several hours to achieve practically nothing.
Here's a sample, same spam message, received and caught each time:
Delivery-Date: Thu, 17 Apr 2008 03:15:06 +0200
Received: from dti-host7.pickdti.com (dti-host7.pickdti.com [22.214.171.124])
From: ivagra cilais <firstname.lastname@example.org>
Delivery-Date: Mon, 21 Apr 2008 14:35:27 +0200
Received: from mail.advokatkjallgren.se (mail2.advokatkjallgren.se [126.96.36.199])
From: vigara ciails <email@example.com>
Delivery-Date: Mon, 21 Apr 2008 21:51:23 +0200
Received: from geegee.lnk.telstra.net (geegee.lnk.telstra.net [188.8.131.52])
From: viagar icalis <firstname.lastname@example.org>
Delivery-Date: Wed, 23 Apr 2008 07:58:10 +0200
Received: from n11648136021.netvigator.com (n11648136021.netvigator.com [184.108.40.206])
From: viagar icalis <email@example.com>
Delivery-Date: Thu, 24 Apr 2008 15:55:31 +0200
Received: from host81-137-17-245.in-addr.btopenworld.com (host81-137-17-245.in-addr.btopenworld.com [220.127.116.11])
From: ivagra cilais <firstname.lastname@example.org>
In effect, unless you want to try to report these spambots 24/7 and do nothing else in life, go ahead, but you are figthing a lost battle even then.