Trace the origin of an email abuser?
Over the weekend, I received a fascinating question from Infopackets Reader Ric J.:
" Hi Dennis!
I just read your email regarding the eBook, 'Email For Newbies v2.1', and have a question about email headers. I know that email headers show persons IP address, but, is there anyway that I can find out where a person lives? The reason I ask is because I been having a problem with a person and the only thing I have is the IP address of the individual. Any help would be great; thanks! "
The answer is that, yes, you can track the origin of an email to a certain extent -- providing that none of the headers have been forged. Finding out where the person lives is also doable, but only in a general manner (geographically). In your case, I will assume that the abuser has forged his email address and you are relying in IP information in the email header to track his origin.
As referenced in your letter, the Email For Newbies eBook has a chapter dedicated to the topic of Email Headers. I read through this chapter over the weekend and can tell you that Tom Glander does an excellent job explaining the what each header means -- specifically for the purpose of tracking the email's origin. In fact, Tom illustrates how he used email headers to track down an individual who repeatedly (and unsuspectingly) sent email viruses.
Assuming you understand how email headers are read and the email address has been forged, the next step in tracking someone is to:
a) Do a NameSever Lookup [NSLookup] and resolve the origin IP address to a web-based address (or "Domain Name"). Use the link below to do your search; note that the second IP address in the result window is the one you want.
b) Using the resolved domain name, type the URL [web address] into your web Browser and hopefully it will direct you to the Internet Service Provider home page of the abuser. If the IP resolved contains a sub-domain (I.E.: something.infopackets.com, rather than www.infopackets.com), eliminate part of the domain (from the left) and try the new URL in your browser. For example, the IP address 188.8.131.52 resolves to: www.fed1mtao01.cox.net --> modified and corrected URL = http://www.cox.net
c) On the ISP homepage, locate a contact an abuse / support email address with someone who can help your cause. If you can't get web page to pull up, you can also do a WhoIs Search which reveals the ownership of some domains (and may also include contact information).
PS: Chances are that email address, abuse@The_ISP.net (even if not listed online the ISP web site) will suffice. Side note: the domain "The_ISP.net" in the above example is the ISP home page of the abuser.
d) To find the geographical location of an IP address, you can use a Visual TraceRoute tool. Note: this method will not divulge the exact location of the IP address (I.E.: John Doe, 123 Main Street) -- but will display the approximate location on a map of the world.
Infopackets Top Windows 10 FAQs
How to Upgrade from Windows 10 32-bit to 64-bit
How to Fix: Windows 10 Antivirus Missing, Not Compatible
How to Fix: Windows 10 Display Shifted; Screen Fuzzy
How to Upgrade Windows 7, 8 32-bit to Windows 10 64-bit
to Downgrade from Windows 10
- How to Fix: Windows 10 Upgrade Failed Error C1900208
- How to Fix: Windows 10 Upgrade Failed Error 80240020
- Can I Cancel my Windows 10 Reservation and Reserve Later?
- How to Clean Install Windows 10 using Windows 7, 8 License
- Will Windows 10 Install Automatically?
- Windows 10 Upgrade: Do I have to Reinstall Programs?
- Windows 10 Upgrade: Can I choose 32-bit or 64-bit?
- Which Version of Windows 10 Will I Get (Home or Pro)?
- How to Reserve Windows 10 Upgrade (Free)
- How to Fix: CPU Not Compatible with Windows 10 Error
- Windows 10 Upgrade: Can I keep my Old Windows Install?
- How to Cancel Windows 10 Reservation (Properly)
- Download Windows 10 .ISO (DVD) for Clean Install?
- Microsoft: Windows 10 Will Be The Last Version
- Does Windows 10 require the CPU to support PAE?
- Windows 10: Can I Upgrade or do I need a Clean Install?
Click here for more Windows 10 articles.