Ads 468x60px

Sunday, July 31, 2011

How To Trace an Email Address And Original Sender

How To Trace an Email Address And Original Sender

TRACING AN EMAIL ADDRESS
The purpose of this guide is to show the process involved in tracing an email. The first step required to tracing an email is finding out the headers of the email. What are headers? Email headers are lines added at the top of an email message that are used by servers as the email goes on route to get delivered. Generally email clients only show the standard To, From, and Subject headers, but there are more.

1) Enabling Email Headers

Enabling Email Headers For Gmail
Step 1:Once Logged into your Gmail Account open the Email whose headers you want to view. Click on the “
Show details” link in the message next to the date of the email.
Step 2: Now click the “Show Original” link.

Step 3: This link will popup a new window the headers and the body of the message.


Enabling Email Headers For Yahoo

Step 1:Once logged in, click on the "Options" link in the upper navigation bar. 





Step 2: Now click on the "General Preferences" link.



Step 3: In the paragraph titled Messages and locate the "Headers" heading and select "All".



Step 4: Go to your inbox and open any one of your email. You emails show now contain additional headers.




2) Understanding Email Headers



In this example the “Sender” located at sender@exampleuniversity.edu want to send an email to “Receiver” located at receiver@exampleisp.com. The sender composes his email at his workstation in the university’s computer lab (lab.exampleuniversity.edu). Once completed the email message is passed to the university’s mail server called mail.exampleuniversity.com. The mail server seeing that it has a message for receiver@exampleisp.com, contacts someisp.com mail server and delivers the email to it. The email is stored on someisp.com server until Receiver logs on to check his/her inbox.

In this example, four headers will be added to the email message. This first header is generated by email client on lab.exampleuniversity.edu when forwarding it to the mail server at mail.exampleuniversity.edu.



The following header is added when mail.exampleuniversity.edu transmits the message to mail.exampleisp.com.





The following header is added when mail.exampleisp.com stores the message on the server for Reciever.





The following header is added when Reciever downloads the email from home machine called reciever.local. 







3) Tracking The Orginal Sender


The easiest way for finding the original sender is by looking for the X-Originating-IP header, this header is important since it tells you the IP Address of the computer that had sent the email. If you can not find the X-Originating-IP header then you will have to sift through the Received headers to find the sender's ip. 





Once the email sender's ip is found go to 
http://www.arin.net/ to begin a search. 







Now click on the "NET-24-16-0-0-1" link. 







Scroll down the page untill you find the OrgAbuseEmail field. 






Remember to include all the headers of the email along with an attached copy when filling a complaint. 

I am Not the Original Writer of this Post. I have take It from Security Forums...But I thought It would be Useful So I am Sharing It with you Guys...

No comments:

Post a Comment