Assistance Pinpointing an Anonymous User

Ladies and Gentlemen,

       I am an executive for a small non-profit enterprise.  One of our affiliates is being confronted with slanderous attacks stemming from the "comments" form on their website "contact us" page and through an anonymous <My> poster. We believe these attacks are coming from a single individual. A NuVox Communications branch in Greenville, SC. provided the IP Address employed to address our web site. The email address inserted at our web site is <>; we believe it is fictitious.

Our associates made several attempts at contacting this individual for their name via their <My> site without success. My goal is to contact the person and try to address these issues with out any litigation, if possible.

Our enterprise would be grateful, if anyone can provide sources that can help us LEGALLY pinpoint this person outside of seeking a legal remedy. Thank you for your prompt and expert response in this urgent matter and have an excellent day!

Very Respectfully

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You could start by entering the IP address in the WHOIS database.  It mightlead you to some useful information.
zephyr_hex (Megan)DeveloperCommented:
if you have the IP address, then you have the identity of the computer/internet account from which the posting came.

you can do a lookup to see what company owns the IP. has this capability.  use the WhoIS function.  the results will probably also give you a way to contact the internet service provider (ISP)
you would need to contact the ISP and see if they can tell you the information you are looking for.

in many cases, the ISP will refuse.  i know the RIAA had to sue ISP's in order to get the identities of people who were using peer to peer services for downloading music.
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

Contact the ISP and Myspace lodge a formal complaint these companies.  They may be able to take actions of their own to eliminate this problem.
Tim HolmanCommented:
There's nothing you can do.  The sender is most likely to be using a SPAM relay to send these emails, and as such, the sending IP will only take you to an insecure mail server that the sender happens to be abusing.  
The police are unlikely to help either, unless the email is relating to illegal content (terrorism, child porn, drug trafficking), but it's more than likely they would already know about this, as they monitor most of the major internet trunks in the world for stuff like this all the time.
I learnt to accept offensive emails a long time ago - it's either that, or no emails at all...
If you're keen on finding out more about tracing email headers, look at  This will let you cut and paste the entire mail into a website, and will give you the IP address of the insecure relay.  But where do you go then?  You're stuck...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Regarding the page.

CAVEAT: This is a lot of information, and it really all hinges on if the attacker's myspace page has some customization on it, rather than the drab default page.  This is all information I've collected for use in a seminar I'm putting together for high-school and junior high students.  All in the hopes of educating them on how to protect themselves in the digital age, however I thought a deeper technical look might assist you in this instance.

You stated this person has a page on Myspace?  Depending on how much this individual has customized their webpage, you might be able to gather additional information from items placed on the page.

Myspace doesn't allow you to host any files on their server (except for the items under the "pics" section), so in order for you to have the fancy background images, you need to host them somewhere else.  These images are usually hosted at a free image hosting site like  You MIGHT get lucky in that this person got cocky and is hosting the images on their personal server or on a server belonging to their company (which would give you another avenue of investigation).

You can try to open the top level of the directory where the images are hosted to see if they have accidentally allowed the public to view the files, you might get super lucky and find pictures of your possible offender, or at least images that might assist you in narrowing down your list of suspects.

For example, if the picture of their background is hosted at photobucket, and the url for it is you can try entering just the into your browser and see if there are more pictures available for public viewing.

Additionally, If there are images posted that are of the JPG standard, you might be able to open them in an advanced image viewer and read the EXIF information within the picture.  EXIF is basically extra info that digital cameras put into a picture, and it can sometimes give you a timestamp of when the image was taken, what model of camera was used, and the settings on the camera on the time the picture was taken.

Why is the EXIF information important?  Well, if the user has password protected the photobucket album, you can't see any of the images UNLESS YOU KNOW THE FILENAME.  Therefore, if the images follow the standard naming convention of the digital camera manufacturer, you can use yet another program to auto-download images based on the possible combinations on the filename.

P.S. As you had stated, these are all completly legal methods, and simply involve a more intimate knowledge of the technologies involved.

Have you had any success with any of the methods posted thus far?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.