Solved

webmail

Posted on 2009-05-19
5
234 Views
Last Modified: 2012-05-07
Is there anyway an investigation could determine who setup a web based mail account, i.e. who is the actual person behind adjsdjasp@particulardomain.com

I beleive I no the answer but thought I'd check...
0
Comment
Question by:pma111
  • 2
  • 2
5 Comments
 
LVL 3

Expert Comment

by:Cameron_S
ID: 24422640
The short answer is yes. The long answer is that the originating account creator could be traced to a specific IIP address. That IP address could then translate to an address and individual workstation. However, a direct correlation between Bob Ross and bobross@domain.com would be hard to determine outside of computer forensics on the actual workstation in question.

If an ISP is willing to cooperate with an investigation, you could track down to an individual machine. In turn, LEO could obtain a warrant and seize the machine, if they have reason to believe it was used in a crime. This is how things like child pornography and pirated software are tracked.
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24424409
Email headers will tell you of where the message originated from (webhosting company) and if a legal agency approaches the webhosting company for more information, they can provide details of IP address that was used to logon and can help with investigations.
0
 
LVL 3

Author Comment

by:pma111
ID: 24425823
Could you ellaborate warturtle, are you saying if someone had say aol broadband as their internet service provider, but say the suspect email account was a hotmail email account suspect@hotmail.com, would the email header have some refernce to aol somewhere?
0
 
LVL 3

Accepted Solution

by:
Cameron_S earned 125 total points
ID: 24425857
What warturtle is saying is that the webmail (say Hotmail in your example) server administrators could see that the person using the webmail account was using AOL broadband. AOL Broadband admins could then in turn track it down to a physical location (house, internet cafe).

The e-mail header will simply state the server of origin, i.e. Hotmail.
0
 
LVL 16

Assisted Solution

by:warturtle
warturtle earned 125 total points
ID: 24426326
Yes, that is exactly what I was trying to say. Thanks, Cameron_S :)

Just to explain by taking your example - if someone uses AOL Broadband and accesses their hotmail account - suspect@hotmail.com to send an email to innocentyou@gmail.com then you can see the email headers and find out that the email actually came from hotmail.com (sometimes this is simply visible in the email address that the mail came from in this case its hotmail).

But, if the email came from asfdasd@askjfhasd.com , then you can see the email headers to see the IP address or the domain name of the actual server that sent the email. Then, you can do a tracert to find out which webhosting company has that IP address. And then, after that you can follow the advice from Cameron_S to take your investigations further ;-)

Hope it helps.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Couldn't join Lync meeting - Security certificate isnt trusted 5 34
server core and windows updates 3 51
Event 4625 - Account Name: _ 3 46
google exe file 5 68
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question