Hi rcgreen
There was no spammer involved.
The scammer opens my email, clicked hyperlink
Hyperlink lead to webserver with PHP script
PHP script grabs the IP and send me an email w/ user agent and IP
IP shown in the email is an internal address
Correction to my initial post:
The internal IP address is not in any of the email conversations. I have no idea why I wrote that.
