1 / 19

Tracing an Email

Tracing an Email. by Etienne Takougang. Introduction.

martha
Télécharger la présentation

Tracing an Email

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Tracing an Email by Etienne Takougang

  2. Introduction Do you hate Spam? Of course, we all do! Have you ever wondered just who was hiding behind those anonymous emails that keep finding their way into your Inbox? Well, this manual will help you detect and identify the origin of these anonymous emails. The most convenient way of achieving this goal is to use the program eMailTrackerPro. A free trial version is available at http://www.visualware.com/.

  3. Using eMailTrackerPro The first step is to use an e-mail analysis tool like eMailTrackerPro, which will automatically analyze an e-mail and its headers and provide graphical results similar to the following:

  4. If you do not have an actual e-mail, but only have an e-mail address, you can use the eMailTracker tool in VisualRoute to track the user to their e-mail server. • An added benefit is that you are able to see what SMTP software the mail server is running (many times with version information as well). • In most cases, using an e-mail tracking tool like eMailTrackerPro is your best option. But, if you want to understand how these tracking tools work, continue reading...

  5. e-mail Internet Headers Every received e-mail has Internet Headers. Using Microsoft Outlook as an example (other mail programs are very similar), just follow these steps to view the headers:

  6. 1. Right-click on the mail message that is still in your Outlook Inbox • 2. Select 'Options...' from the resulting popup menu • 3. Examine the 'Internet Headers’ in the resulting ‘Message Options’ dialog box

  7. When your full header is not visible on your email: • Some email programs like Hotmail or Yahoo have their full headers hidden by default. • In order to view the full header, you must specifically turn on that option.

  8. Yahoo • 1. Click Options • 2. Click Mail Preferences • 3. Click “Show Headers” • 4. Click “All” • 5. Click Save

  9. Hotmail • 1. Click Options • 2. Click Mail Display Headings (under “Additional Options”) • 3. Click “Message Headers” • 4. Click “Full” • 5. Click OK

  10. Example What you see when you view the message headers will be very similar to the following:

  11. 1: Received: from tes1a623.OneMail.com.sg ([203.127.89.129]) by visualroute.com (8.11.6) id f9CIVSk24480; Fri, 12 Oct 2001 12:31:29 -0600 (MDT) 2: Message- Id:<200110121831.f9CIVSk24480@s2.domain.com> 3: Received: from drb.com (IIM1608 [203.127.89.138]) by tes1a623.OneMail.com.sg with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2448.0) 4: id 4XNK9ATR; Sat, 13 Oct 2001 01:19:10 +0800 5: From: paylesslongdistance@somedomain.com 6: To: <> 7: Subject: Long Distance - 4.9 cents per min - NO FEES! 8: Date: Fri, 12 Oct 2001 13:24:26 -0400 9: X-Sender: paylesslongdistance@yahoo.com 10: X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 11: Content-Type: text/plain; charset="us-ascii" 12: X-Priority: 3 13: X-MSMail-Priority: Normal 14: X-UIDL: 8`Y!!0GR!!"?H"!k:O!! 15: Status: U

  12. ‘Received’ Header The most important header field for tracking purposes is the Received header field, which usually has a syntax similar to: Received: from ? by ? via ? with ? id ? for ? date-time

  13. Sender’s IP Address What is crucial for tracking, is to pay attention to the trail of IP-address in the from tokens and not necessarily the host name provided to us in the by tokens: Received: • from tes1a623.OneMail.com.sg ([203.127.89.129]) • by visualroute.com (8.11.6) • id f9CIVSk24480; • Fri, 12 Oct 2001 12:31:29 -0600 (MDT)

  14. Track the IP Address • Use eMailTrackerPro to track the IP Address! Track down the person! The resulting trace will look somewhat like the following generic trace:

  15. Conclusion As a result, by using eMailTrackerPro and analyzing email message headers, you are fully capable of tracing that mysterious email. You can now take action and rest easy.

  16. Merry ChristmasandHappy New Year!

  17. THE END

More Related