Maker Pro
Maker Pro

E-mail tracing

J

just me

Jan 1, 1970
0
Hi,

Wondering if anyone can shed some light on this question. Keep in mind, I'm
not a computer whiz.

I have an e-mail - now printed out also - that if possible, would like to
trace back to it's origin. Is this possible? It isn't for me, but for
someone I know. It is a matter of a legal issue at this point. I'm trying to
help them out...

Any help appreciated.

Thanks,

clf
 
C

CWatters

Jan 1, 1970
0
just me said:
Hi,

Wondering if anyone can shed some light on this question. Keep in mind, I'm
not a computer whiz.

I have an e-mail - now printed out also - that if possible, would like to
trace back to it's origin. Is this possible? It isn't for me, but for
someone I know. It is a matter of a legal issue at this point. I'm trying to
help them out...

You need to analyse the header - this is part of the message that isn't
usually displayed. How you display it depends on the program used. Try right
clicking on the message and selecting properties. Note that you need to do
this on the computer that got the original - not the message forwarded to
you if that's what happened.

A typical header looks like this (see below). It shows some of the computers
the email travelled through. If the sender knows what they are doing they
can make a message very hard to trace....

Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: (qmail 4971 invoked from network); 21 Aug 2005 02:07:57 -0000
Received: from elektra.telenet-ops.be ([195.130.136.19])
(envelope-sender <[email protected]>)
by ate.telenet-ops.be (qmail-ldap-1.03) with SMTP
for <[email protected]>; 21 Aug 2005 02:07:57 -0000
Received: from limos.telenet-ops.be (limos.telenet-ops.be [195.130.136.25])
by elektra.telenet-ops.be (8.12.8/8.12.8) with ESMTP id j7L27upC010541
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200
Received: from localhost (unknown [127.0.0.1])
by limos.telenet-ops.be (Postfix) with SMTP id 5E42937E4C
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
Received: from ladon.telenet-ops.be (ladon.telenet-ops.be [195.130.132.50])
by limos.telenet-ops.be (Postfix) with ESMTP id 587AE37E47
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
Received: from apate.telenet-ops.be (apate.telenet-ops.be [195.130.132.57])
by ladon.telenet-ops.be (Postfix) with ESMTP id 5319614F587
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (MEST)
Received: from localhost (localhost.localdomain [127.0.0.1])
by apate.telenet-ops.be (Postfix) with SMTP id 4E3B138058
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
Received: from PC1 (dD5764706.access.telenet.be [213.118.71.6])
by apate.telenet-ops.be (Postfix) with ESMTP id 355423802E
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
thread-index: AcWl9RszdrEf2cdJw/Q42wlMIswkss85Yw==
Thread-Topic: Just another boring email
From: <[email protected]>
Sender: <[email protected]>
To: <[email protected]>
Subject: High Priority Notification (Notice) From
Date: Sun, 21 Aug 2005 04:07:39 +0200
Message-ID: <000201c5a5f5fdhjx$1b445200$6400a8c0@>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft CDO for Exchange 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
 
C

clf

Jan 1, 1970
0
CWatters said:
just me said:
Hi,

Wondering if anyone can shed some light on this question. Keep in mind, I'm
not a computer whiz.

I have an e-mail - now printed out also - that if possible, would like to
trace back to it's origin. Is this possible? It isn't for me, but for
someone I know. It is a matter of a legal issue at this point. I'm trying to
help them out...

You need to analyse the header - this is part of the message that isn't
usually displayed. How you display it depends on the program used. Try
right
clicking on the message and selecting properties. Note that you need to do
this on the computer that got the original - not the message forwarded to
you if that's what happened.

A typical header looks like this (see below). It shows some of the
computers
the email travelled through. If the sender knows what they are doing they
can make a message very hard to trace....

Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: (qmail 4971 invoked from network); 21 Aug 2005 02:07:57 -0000
Received: from elektra.telenet-ops.be ([195.130.136.19])
(envelope-sender <[email protected]>)
by ate.telenet-ops.be (qmail-ldap-1.03) with SMTP
for <[email protected]>; 21 Aug 2005 02:07:57 -0000
Received: from limos.telenet-ops.be (limos.telenet-ops.be
[195.130.136.25])
by elektra.telenet-ops.be (8.12.8/8.12.8) with ESMTP id j7L27upC010541
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200
Received: from localhost (unknown [127.0.0.1])
by limos.telenet-ops.be (Postfix) with SMTP id 5E42937E4C
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
Received: from ladon.telenet-ops.be (ladon.telenet-ops.be
[195.130.132.50])
by limos.telenet-ops.be (Postfix) with ESMTP id 587AE37E47
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
Received: from apate.telenet-ops.be (apate.telenet-ops.be
[195.130.132.57])
by ladon.telenet-ops.be (Postfix) with ESMTP id 5319614F587
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (MEST)
Received: from localhost (localhost.localdomain [127.0.0.1])
by apate.telenet-ops.be (Postfix) with SMTP id 4E3B138058
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
Received: from PC1 (dD5764706.access.telenet.be [213.118.71.6])
by apate.telenet-ops.be (Postfix) with ESMTP id 355423802E
for <[email protected]>; Sun, 21 Aug 2005 04:07:56 +0200 (CEST)
thread-index: AcWl9RszdrEf2cdJw/Q42wlMIswkss85Yw==
Thread-Topic: Just another boring email
From: <[email protected]>
Sender: <[email protected]>
To: <[email protected]>
Subject: High Priority Notification (Notice) From
Date: Sun, 21 Aug 2005 04:07:39 +0200
Message-ID: <000201c5a5f5fdhjx$1b445200$6400a8c0@>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft CDO for Exchange 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441

"I" am the one who pulled the e-mail down from the parties e-mail, being
they had no computer access at this point in time - so they could "check"
their e-mail.

Thanks!
 
Top