Tracing Origin of a Suspicious Email Message - PRR Computers, LLC

by Phil Rice
13 years ago

Email is, at its core, a plain text transmission of information – not just from sender to recipient, but from one mail server to the next. Just like a passport used for international travel, each “stop” on the email’s journey is “stamped” into its headers as a Received: line. That makes tracing the origin of legitimate email a fairly straightforward task once one knows how to find the full email headers of a message, and then how to read them.

There’s just one problem: just about every single line of text in an email header can be forged. And in spam or malware-spawned messages, that forgery is commonplace. In fact, only the Received: lines that are created by your own service provider or computer can be completely trusted. Each server prepends its own Received: line to whatever it was handed, so your provider’s lines sit at the top of the header block. Read them from the top down: the last line written by a server you trust records the IP address that actually connected to it, and every Received: line below that one is simply the sender’s word, which the sender was free to fabricate.

So how does one trace one of these illegitimate / forged emails back to its true source? Truthfully, most of the time, one cannot. Law enforcement officers usually have a level of access and “pull” to mine this information, but most of us regular Joes do not.

But what one can do is get a pretty decent idea of whether an email is legitimate or not, i.e. whether it comes from the person it says it does, or not. And in most cases, that’s the most important information to verify.
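The reading order described above can be mechanised. The following script is an added example, not code from the original post: it walks the Received: chain from the top, treats only lines written by the recipient's own provider (assumed here to be "example.com") as trustworthy, reports the first outside relay that a trusted server logged as connecting, and then compares that relay with the domain in the From: header. The sample message, hostnames and addresses are constructed for the example and use reserved documentation ranges.

```python
"""Walk a message's Received: chain from the top, trusting only the lines
added by your own provider, and report the first outside relay it logged."""
import email
import email.utils
import re

# Constructed sample (not from the original post). The two top Received:
# lines are assumed to have been added by the recipient's own provider,
# "example.com"; the third was supplied by the sending side and may be forged.
SAMPLE_MESSAGE = b"""Received: from mx2.example.com (mx2.example.com [192.0.2.20])
\tby inbox.example.com with ESMTP id abc123
\tfor <alice@example.com>; Mon, 01 Jan 2024 10:00:05 +0000
Received: from relay.dubious.test (unknown [203.0.113.7])
\tby mx2.example.com with ESMTP id xyz789; Mon, 01 Jan 2024 10:00:03 +0000
Received: from mail.bank.example (mail.bank.example [198.51.100.9])
\tby relay.dubious.test with SMTP; Mon, 01 Jan 2024 09:59:00 +0000
From: "Your Bank" <alerts@bank.example>
To: alice@example.com
Subject: Urgent account notice

Please verify your account.
"""

HOP_RE = re.compile(
    r"from\s+(?P<claimed>\S+)"        # name the connecting host announced in HELO/EHLO
    r"(?:\s+\((?P<seen>[^)]*)\))?"    # what the receiving server itself observed: "rdns [ip]"
    r"\s+by\s+(?P<by>\S+)",           # the server that wrote this line
    re.IGNORECASE,
)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def parse_received(value):
    """Split one Received: value into the claimed name, observed rDNS, IP and writer."""
    m = HOP_RE.search(re.sub(r"\s+", " ", value))
    if m is None:
        return None
    seen_raw = m.group("seen") or ""
    seen = seen_raw.split()
    rdns = seen[0] if seen and not seen[0].startswith("[") else None
    ip = IP_RE.search(seen_raw)
    return {
        "claimed": m.group("claimed").lower(),
        "rdns": rdns.lower() if rdns else None,
        "ip": ip.group(1) if ip else None,
        "by": m.group("by").lower(),
    }


def in_domain(host, suffixes):
    """True when host is one of, or a subdomain of, the given domains."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in suffixes)


def first_external_hop(raw, trusted):
    """Return the first relay a trusted server logged as connecting from outside.

    Received: lines are prepended, so the newest (our provider's) sit on top.
    We walk down only while the writer of the line is trusted; the first line
    whose connecting host is not ours is the last hop we can actually vouch for.
    Returns None when the top line was not written by a trusted server or when
    no outside hop is found before the trusted lines run out.
    """
    msg = email.message_from_bytes(raw)
    hops = [parse_received(str(v)) for v in msg.get_all("Received", [])]
    for idx, hop in enumerate(hops):
        if hop is None or not in_domain(hop["by"], trusted):
            return None
        if not in_domain(hop["claimed"], trusted) and not in_domain(hop["rdns"], trusted):
            hop["helo_matches_rdns"] = hop["claimed"] == hop["rdns"]
            hop["unverifiable_lines_below"] = len(hops) - idx - 1
            return hop
    return None


def assess(raw, trusted):
    """Compare the From: domain with the relay our own server actually saw."""
    msg = email.message_from_bytes(raw)
    sender = email.utils.parseaddr(msg.get("From", ""))[1]
    from_domain = sender.rsplit("@", 1)[-1].lower() if "@" in sender else ""
    hop = first_external_hop(raw, trusted)
    return {
        "from_domain": from_domain,
        "external_hop": hop,
        # Only a signal: legitimate senders also relay through third parties,
        # but a bank notice arriving via an unrelated host deserves suspicion.
        "sender_domain_matches_relay": bool(hop) and (
            in_domain(hop["claimed"], [from_domain]) or in_domain(hop["rdns"], [from_domain])
        ),
    }


if __name__ == "__main__":
    for key, val in assess(SAMPLE_MESSAGE, ["example.com"]).items():
        print(f"{key}: {val}")
```

For the sample, the first outside relay is 203.0.113.7, which announced itself as relay.dubious.test while its reverse DNS resolved to nothing, and the Received: line below it claiming the message came from mail.bank.example cannot be checked at all. Swap in the raw headers of a real message and your own provider's domain; the IP reported is the one worth geolocating or looking up, and the forged lines beneath it are not.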

Trying to verify a suspicious email message of your own? Here are some resources that will prove helpful.

Extremely useful online tool:


2 Comments

  • Richard Van Patten says:

    I am interested in hiring someone or some company who can trace the origin of an email based on the complete header. I’m interested to know the city and area it had originated. If you are capable of the exact address, that would be great. But I’m not sure if anyone other than the FBI is capable of that detail. Please advise.

    • Phil says:

      Yeah, there are a lot of factors which make it difficult to pinpoint origin in this way. IP geolocation has become more accurate over the years, but pinpointing the origin down to a postal address of the sender, that’s beyond my pay grade for sure. There might be some private companies out there who specialize in this kind of forensics, though I imagine they’d not come cheap.

      Sorry I can’t be of more help. Best of luck to you!
