Trace the Origin of Email: Visually

By Dennis Faas

Infopackets Reader 'Jennifer' writes:

" Dear Dennis,

I recently received an email from an unknown person via Yahoo. I think I understand how the email got to me but I'm not sure. Would the email headers help to tell me this? I'd really like to know how this person sent me the email. Can you help? "

My response:

To sum up the answer briefly: email headers are often forged by spammers, so it's plausible that the email you received came from somewhere other than what is stated in the email header.

Having said that, most big-name ISPs (Internet Service Providers) have an array of anti-spam mechanisms in place that can detect and reject spam (including spam that employs forged email headers), so investigating the origin may still be worthwhile.

To best explain how email is sent over the Internet (and how email headers can be forged), I recommend that you read over an article at stopSpam.org, which explains all of this in great detail. Quote:

" This document is intended to provide a comprehensive introduction to the behavior of email headers. It is primarily intended to help victims of unsolicited email ('email spam') attempting to determine the real source of the (generally forged) email that plagues them; it should also help in attempts to understand any other forged email. It may also be beneficial to readers interested in a general-purpose introduction to mail transfer on the Internet. " (Source: stopSpam.org).

http://www.stopspam.org/email/headers.html
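
What reading the headers by hand comes down to, as an added example that is not part of the original article: each relay prepends its own Received line, so only lines written by relays you trust (the assumed set `trusted_relays`) are reliable, and anything below them may be forged. The message, host names and addresses are constructed.

```python
import email
import re

# Constructed sample: all hosts and addresses are made up (.example names,
# documentation IP ranges). Relays prepend, so the top header is the newest.
RAW = """\
Received: from mta7.isp.example (mta7.isp.example [198.51.100.7])
\tby mx.myprovider.example with ESMTP; Mon, 3 Mar 2008 10:15:02 -0500
Received: from unknown (HELO webmail.isp.example) ([203.0.113.45])
\tby mta7.isp.example with SMTP; Mon, 3 Mar 2008 10:15:00 -0500
Received: from trusted-bank.example ([192.0.2.10])
\tby relay.fake.example with SMTP; Mon, 3 Mar 2008 09:00:00 -0500
From: "Support" <support@trusted-bank.example>
To: jennifer@myprovider.example
Subject: Account notice

Hello
"""

# "from <claimed name ...[peer IP]...> by <relay that wrote this header>"
HOP = re.compile(
    r"from\s+(?P<peer>.*?\[(?P<ip>[0-9A-Fa-f.:]+)\].*?)\s+by\s+(?P<by>\S+)",
    re.S)

def received_hops(raw):
    """Parse every Received header, newest first, into peer/ip/by fields."""
    msg = email.message_from_string(raw)
    found = (HOP.search(str(v)) for v in msg.get_all("Received", []))
    return [m.groupdict() for m in found if m]

def trace(raw, trusted_relays):
    """Return (last verifiable sender IP, hops that cannot be verified)."""
    hops = received_hops(raw)
    origin, prev_peer = None, None
    for i, hop in enumerate(hops):
        by = hop["by"].lower()
        # A hop counts only if a relay we trust wrote it AND the hop above
        # recorded that relay as its peer; otherwise it may be forged.
        linked = prev_peer is None or by in prev_peer.lower()
        if by not in trusted_relays or not linked:
            return origin, hops[i:]
        origin, prev_peer = hop["ip"], hop["peer"]
    return origin, []

if __name__ == "__main__":
    ip, rest = trace(RAW, {"mx.myprovider.example", "mta7.isp.example"})
    print("last verifiable sender IP:", ip)
    for hop in rest:
        print("unverified claim:", hop["peer"], "by", hop["by"])
```

In each trusted line only the bracketed IP is recorded by the receiving relay itself; the names next to it are partly supplied by the sender, so the From address and the bottom Received line here prove nothing about where the message started.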

How to Visually Trace an Email: The Easy Way

While the document at stopSpam.org is extremely helpful in describing how email travels over the Internet (among other things), the truth is that the information contains fairly technical details -- which may be confusing for the non-technically inclined ;-)

And although some folks will become enlightened as to how to go about tracing the origin of an email using the aforementioned document, it is doubtful that anyone will have the patience to manually decipher each and every email header in order to determine the origin of an email message.

For a more concrete example, look at the sample email header below. Would you want to decipher something like this time and time again for every suspect letter you receive?

http://www.infopackets.com/graphics/email+header.gif

I didn't think so!

In that case, consider Visualware eMailTrackerPro: it deciphers email headers automatically and shows the origin of the email visually. Quote:

" Emails frequently contain malicious viruses, threats, and scams that can result in the loss of your data and confidential information, and even identity theft. With eMailTrackerPro you can easily verify the sender of an email and their geographical location, including messages sent through 'anonymous' email services like Yahoo and Hotmail ...

[With eMailTrackerPro, tracing the origin of emails] has never been easier! Identify the sender of spam email and report them to put a stop to spam emails. Identify 'phishing' emails and other scammers trying to steal your confidential information ... "

eMailTrackerPro: Key Features

  • NEW! Integration for Outlook Express Users!: Simply drag and drop an email from your Outlook Express inbox onto the interactive Visualware desktop icon to start a trace!
     
  • NEW! Brand new GUI when tracing!: eMailTrackerPro now provides a fully interactive globe that allows you to zoom in and out and rotate your traceroute. Easier to understand information as your trace is progressing.
     
  • Works with any received Internet email message: Most any email message can be traced with eMailTrackerPro, even messages sent through 'anonymous' email services like Yahoo and Hotmail.
     
  • Analyzes a spam email message you have received to identify the sender's IP address: eMailTrackerPro automates the process of identifying where emails originate, and with fast results -- see analysis results within seconds!
     
  • Trace spam email, phishing email and any other email using eMailTrackerPro: Shows the geographical location of the sender on a world map; the geographical location of an IP address is key information for determining the threat level or validity of an email message. If the message originated from a high-risk or unexpected region, it is likely to be a bogus or fraudulent message.
     
  • Provides automated reporting of spammers and email abusers: Easily report a spammer, email viruses, scammers or other mis-use of email to the company providing Internet access for the sender.
     
  • Identifies the network provider of the sender: The sender's network provider (or ISP) is identified, providing contact information for further investigation.
     
  • Trace an email address directly from the Windows task bar: The VisualTrace tool bar enables instant tracing of an email address right from your task bar, without having to wait for a program to launch or keeping an application open.
     
  • Uncovers common tactics used by spammers: eMailTrackerPro indicates if the sender has used 'misdirection' and other tactics in an attempt to disguise their tracks.
     
  • One-click tracing from Microsoft Outlook 2002+: If you are using the full version of Outlook, trace an email with a simple click on the Outlook toolbar, easily validate emails before opening or responding. For other email programs simply copy/paste the email headers into eMailTrackerPro.
     
  • Shows the routing path to the sender: The actual path to the sender's IP address is reported in a routing table, providing additional location information to help determine the sender's true location.
     
  • Identifies the email program used to send the message: For most messages, eMailTrackerPro indicates what program the sender used to send an email.
     
  • Provides an analysis of applications running on the destination system: Get a report of the Internet applications on a destination site, including HTTP/HTTPS, the type of web server, FTP and SMTP.

eMailTrackerPro: Screenshot

http://www.infopackets.com/graphics/visualware+emailtrackerpro.gif

eMailTrackerPro: Download

eMailTrackerPro can be downloaded via the eSellerate website ($29.95).

http://www.infopackets.com/articles/email+tracker+pro.htm

Side note: although it is completely optional, eMailTrackerPro can be fully integrated with Visualware VisualRoute (a "sister" program). In a nutshell, VisualRoute shows you (graphically) the exact path an email took to get to you. VisualRoute is also very helpful in troubleshooting Internet and network connection problems. A full review of VisualRoute can be read online on our web site [link here].
