View Full Version : Back tracking email addresses

20-10-2001, 10:09 AM
A friend recently received a vicious email from a hot mail address.

Is there any way of backtracking the address details to establish who this nasty is?

20-10-2001, 10:54 AM
Forward the email to abuse@hotmail.com , and they will growl the nasty for you :-)

20-10-2001, 10:58 AM
Try looking at the site below - it offers a step by step tutorial for identifying who really sent an email.


20-10-2001, 12:31 PM
Tracking emails is pretty easy, right click on the email, click properties then click on the details tab.
This is all of the headers for the email.
Firstly, look for a line that says [X-Originating IP XXX.XX.XXX.XX], if this line is present, it tells you that it is a genuine hotmail email as only they insert this line.
If this is the case, just forward the email as an attachment to abuse@hotmail.com and they should close the account in question.
If it isnt there, then it is because someone has forged the email to come from hotmail,but no matter doesnt really help them any ;-)
There will be a set of Recieved: from XXX by XXX lines in the header, this tells you the path the email took to get to you. If you are really interested you can trace the entire route, but for those with better things to do, the topmost Recieved: from XXX by XXX line is the origin of the message. If the line reads Received: from by aa.bb.cc.dd then the email originated from If you then go to http://www.samspade.org and enter this address in the IP Whois box, you will recieve the details of the organisation to whom that IP is registered, as well as the address for abuse emails. Then just forward your email as an attachment to this address and they should deal with it... hopefully.