How To Trace an Email - Comments Page 1

Category: Email , Spam




(Read the article: How To Trace an Email)

All Comments on: "How To Trace an Email"

Comment Page: 1 |  2 

Posted by:

Carole
24 Sep 2015

I use to look at where an email originated all the time. It was really easy on Outlook Express.

Posted by:

JonK
24 Sep 2015

Thanks for a useful tutorial. I have been using IPTracker for several years now

http://www.iptrackeronline.com/email-header-analysis.php

and found it to be a very useful tool. In addition to providing the likely sourcem IPTracker displays a Google map with the probably location.

The website also contains links to other useful tracing tools.

Sure beats doing it by hand.

Posted by:

Mike
24 Sep 2015

As usual Bob you came up with another great topic. Thanks, Mike

Posted by:

Jay R
24 Sep 2015

Your email comes just after I emptied my junk mail folder. Therefore, I put your IP address into the blacklist box and you were as clean as a whistle.

As always, thank you for the great job of making sense out of chaos.

The Old Man and the Moon

Posted by:

Rob
24 Sep 2015

Indeed delete and move on. However, if your email client keeps a blocked senders list (MS OUTLOOK does) add the offender to that before deleting the message. At least you will not see another message from that specific address. Yes the spammers use many addresses. Block those too. :-)

Posted by:

Howie Watkins
24 Sep 2015

When you trace the originating mail server that sent you SPAM you often find that it is an innocent party who has been hacked.

Posted by:

Doc
24 Sep 2015

As a former teacher who was still of the 'old school' which believed that Teaching was a full time profession during the school year and most of the summer, every student had every e-mail I could be reached at, (and every phone number) so they could call if they got stuck in or out of my class, I teach and don't draw a lot of lines between subjects.

In Yahoo! just right-click the marked e-mail and look at the last lines (first of the list), generally it will say ISP 'X' does not allow (clients, e-mail) and that is all I need to know since I MIGHT know a Birdie Warbler, or a blue-cap Bill who's trying to get a hold of me now that I'm retired. And, if still in doubt, just run down to the bottom (top) of list and see who the 'reply to' is. If it SAYS it's from "Your Best Student from 1992 and I just wanted to say thanks or have a question" and the bottom says REPLY TO 'Your worst Nightmare from 1987' a simple click makes it go away.

I'm going to try the programs, but 95% of the time just right clicking the checked e-mail in Yahoo will give you all you need to know - and sadly it's generally from 'your worse nightmare from hell'. Unless you really DO have a minister who is being held for ransom in Niger ('One Country too Far'). He still can't sent from and ISP who won't let him.

If they REALLY want you, MOST students (old friends) will remember to put in subject line that will make you remember them: "In October when I turned you into the dean for witchcraft, I was wrong." or some such thing; "I never showed up for class and turned you into HR for harassment because you failed me and now I need letter for grad school and you are the only one who can save me" are also common themes.

Posted by:

Linda Anne Quinlan Gasper
24 Sep 2015

Once again, Bob, a great article. I use "NirSoft IPNETINFO". It is a great tool and you download it to your computer, paste the mime header into it and it gives you everything you could possibly want to know! I've done a lot of traces for Microsoft Outlook.com/hotmail.com as well as several where in the address mime header, there is a message they are tracking for SPAM/PHISHING abuse. Yes, it takes time, but some of these scams out there have gotten real sophisticated-including authentic pictures of logo's. If you trace the whole message, there is often lot's of goodies hidden in the "View Source" of the picture. If we all took the time, we could really help to cut down on the vast amounts of spam, phishing, and scams out there-making the Internet a much safer place to travel!
LindaSView

Posted by:

IanG
24 Sep 2015

Thanks Bob. More great information and help with daily conundrums.

I have wasted much time over the years trying to make sense of those headers - knowing that the answer lay 'somewhere' within what I was looking at.

Posted by:

Sheri
25 Sep 2015

I tried the MX Tools email header analyser and the Google Toolbox head analyser and I had to use Crt+V to paste the header into the MX Tools one :-(-

But IPTracker at http://www.iptrackeronline.com/email-header-analysis.php, which was recommended by JonK, gives much clearer info, including the country of origin :-) So I will use that in future. Thanks JonK :-)

Posted by:

David
25 Sep 2015

I've been using SpamCop (www.spamcop.net) for years. If you want to you can send a notice of spam to the ISP.

Posted by:

OldNana
25 Sep 2015

Excellent article, as always. Thanks for this. I was having trouble with finding the headers in MS Outlook (they change stuff just often enough to keep us all confused). I found right-clicking the UNopened message and choosing "Message Options" will show Internet headers at the bottom of the window. (After all .. who wants to open it to find a header when we're trying to see if it's safe to open in the first place?) I'll be sure to use the Email Header Analyzer soon.

Posted by:

James Ware
25 Sep 2015

Your article is very informative. However, something came up today regarding email this I thought was impossible.
On Oct 23rd a friend sent me an email with the following header information:

From: C1les
To: James Ware
Sent: Wednesday, September 23, 2015 7:25 PM
Subject: Day

Today, Oct 24th she asked me why I did not respond to some of the content of the email. I never got the email.
I checked all of my gmail email files and have mail from her before the 7:25 p.m. sent time but not that email.
I couldn't believe an email could be lost in cyberspace so had her resend it from her sent mail file so I could see that it had been sent, and when. All the information is in the lines I included above.
Have anybody heard of this happening before?
Is there a way to trace your sent email to delivery point?
Hope this fit the requirement for current subject.
Thanks for any information.
James

Posted by:

olamoree
25 Sep 2015

I get emails to me that show that I sent them to myself. Analysis shows that they were able to put in my address instead of their own. Usually dubious offers from suspicious locations. It does NOT mean that they have hacked my email account.

Posted by:

Ryan James
25 Sep 2015

I may be missing something, but I have never received an email with "hidden information about the path it took to you, called “header information".

If it is hidden, where do you find it? You did not point this out.

Not one of the hundreds of e-mails I received in the last two days have this information. HELP!

Posted by:

Tony D
26 Sep 2015

If I'm curious about an email I receive in Outlook, I drag it, unopened, to my desktop, rename the suffix to .txt & open it in Notepad. Granted I won't see anything but text, but usually I can determine if it's legit or not. But I'm looking forward to trying out the Email Header Analyzer and the other suggestions in the previous comments.

Posted by:

Ken Gash
27 Sep 2015

I have been using a Thunderbird add-on called MailHops 1.0.3 It places a couple of radio buttons at the bottom of the standard header. If you click on Hops, you get a list of all the hops the email took. Even more informative is the button called Map which provides a graphic representation of paths on a map to show the complete route of the message. One recent junk mail started in Vietnam, went to a private location in Siberia, then to Alaska then to Kansas City then to me.
It works well and is always there to use on any email with just a click.

Posted by:

Mac 'n' Cheese
27 Sep 2015

Hi, Ryan James,

You asked about hidden header information. Information about how to find it was hidden in plain sight in Bob's article:

Google also provides brief, clear instructions on how to find message headers in Webmail messages, including Gmail, AOL, Yahoo! Mail, Excite Webmail, and Hotmail (now Outlook.com). Instructions for finding headers in desktop clients such as Microsoft Outlook, Apple Mail, Mozilla Thunderbird, and Opera are also given.

There's a link in that sentence (in the actual article, not in this comment) that will take you to https://support.google.com/mail/answer/22454.

HTH! ["Hope That Helps!"]

Mac

Posted by:

bb
30 Sep 2015

And here's another tracer: http://whatismyipaddress.com/trace-email

Includes instructions for getting the headers on common mail providers. Gives a nice map where it detected the email was from. I like it because the url is easy to remember.

And it must be said that these traces are not always accurate - sending email using our Satellite ISP put us in Kansas when in reality we are 2,000 miles away from that.

Posted by:

Wayne K.
02 Oct 2015

My problem, the hacker has cloned my address, how do you get this fixed?? So far,sending the mail to the abuse@ address hasn't helped yet.

EDITOR'S NOTE: Cloned your address? What does that mean?

Comment Page: 1 |  2 

Read the article that everyone's commenting on.

To post a comment on "How To Trace an Email"
please return to that article.

Send this article to a friend. Jump to the Comments section. Buy Bob a Snickers. Or check out other articles in this category:





Need More Help? Try the AskBobRankin Updates Newsletter. It's Free!

Prev Article:
Geekly Update - 23 September 2015
Send this article to a friend
The Top Twenty
Next Article:
Buying Prescription Eyeglasses Online

Link to this article from your site or blog. Just copy and paste from this box:



Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter


About Us     Privacy Policy     RSS/XML