Trace an Email

To trace where an email came from:

• Read this article and guide first to learn about Email headers and IP addresses

• Then check out some of the web sites below

There are three basic steps:

1. Get the email headers (see below)

2. Find the IP address of the sender

3. Track the IP address with either IP Address Guide or this a simple search box

=============================================================

1 and 2: How to Trace Email:

These articles and guides explain how to find Email headers and then do a trace:

• Julian Sher's article
• The Best Online Guide
• Another Guide with Graphics
• Another Guide with text only that takes you through different email programs

=============================================================

3A - Find out where an IP address comes from - try these automatic searches:

• The easiest and best tool: this site offers a simple search box where you can cut and paste the email header
• This web tool tries to map your trace with Google Maps - but it has some limits

=============================================================

3B - Or Find out where an IP address comes from - Try doing it by yourself:

Once you have an IP address from the email header, you can find out where that IP address comes from with these tools:

Bes

• Ipaddressguide
  

Rest:

• Go gettem
• ARIN lookup
• Eamnesi IP Lookup
• OSI Lab   
• Hunter DNS lookup

=============================================================

MORE DETAILS on How to track where an email comes from:

In Outlook:

1. Open up the email
2. Click on View
3. Click on Options
4. You should see a lot of text in the window called Message header
5. Copy the last ISP number
6. Go to a DNS trace site listed above and put in the IP number
7. You should be able to at least determine the country, city or server the email sender is using.

In Groupwise:

1. You have to first select "QuickViewer". That splits your
   screen so you can preview each message without actually opening it, much
   like Outlook Express.
2. In new GW versions, a small subject window will then appear at the top
   of the preview window. There is a drop down list here. It will show you
   the MIME info.
3. That's where the header info is located. Yours is listed
   below.
4. Go to the trace sites listed above and put in the IP number
5. You should be able to at least determine the country, city or server the email sender is using.
   

Outlook Express

1. Highlight each email you received from the offending parties, one at a time. Don't open them. Just highlight them with your mouse
2. Now right click on the mouse. You should get a menu
3. Select the last item on the menu - Properties
4. A property box should pop up. Select the second window - "Details"
5. You should get a lot of technical gibberish. Copy everything in that box. Copy the text (highlight it with your mouse, then copy it and paste it into a Word document or email message
6. Go to the trace sites listed above and put in the IP number
7. You should be able to at least determine the country, city or server the email sender is using.
   

Here is an illustration of how to read a Message Header: