OT: Help tracing source of e-mail

On Jul 22, 2:48 pm, Zz Yzx <[email protected]> wrote:
> To all you computer/internet experts in the wreck:
>
> I received an e-mail from a unknown sender today that I found very
> unsettling. There was nothing in it that I could consider "abusive"
> so I could file an abuse report, but I'd still like to track down and
> identify the sender.
>
> I searched all the IP addresses in the header on the WHOIS database,
> and found it orginated from google. The were several other IP
> addresses listed, including one for Inktomi, IANA, and my ISP.
>
> Is there any way to identify a sender with this information? Can I
> track them down through Google or my ISP? Can any of you recommend a
> source of additional information ?
>

It sounds like you've done the right thing.

SOME systems will include a header with the IP assigned to the
computer that ran the email client that connected to the server.
If you have that, you can search for other instances of that IP,
like on UseNet. But it may (usually will) be dynamically allocated
from a pool, meaning that it gets reassigned frequently.

Otherwise, you are dependent on the cooperation of the
sending host's system administrator.

--

FF

Zz Yzx <[email protected]> writes:

> Is there any way to identify a sender with this information? Can I
> track them down through Google or my ISP? Can any of you recommend a
> source of additional information ?


You have to go from your mail server, and trace back from there. Since
the machines usually add a Received-By: line on top of all existing
ones, your server is usually listed first.


However, once you leave your server, you are dependent upon the
accuracy of the next mail server. And if they lie, you have a hard
time telling.

Years ago I used spamcop to analyze mail, but I haven't kept up.
Essentially you look for inconsistencies. But if you have traced it
back to google/gmail, there is little you can do unless you get a subpoena.

They don't care about mail abuse.