Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

webmail

Posted on 2009-05-19
5
Medium Priority
?
240 Views
Last Modified: 2012-05-07
Is there anyway an investigation could determine who setup a web based mail account, i.e. who is the actual person behind adjsdjasp@particulardomain.com

I beleive I no the answer but thought I'd check...
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 3

Expert Comment

by:Cameron_S
ID: 24422640
The short answer is yes. The long answer is that the originating account creator could be traced to a specific IIP address. That IP address could then translate to an address and individual workstation. However, a direct correlation between Bob Ross and bobross@domain.com would be hard to determine outside of computer forensics on the actual workstation in question.

If an ISP is willing to cooperate with an investigation, you could track down to an individual machine. In turn, LEO could obtain a warrant and seize the machine, if they have reason to believe it was used in a crime. This is how things like child pornography and pirated software are tracked.
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24424409
Email headers will tell you of where the message originated from (webhosting company) and if a legal agency approaches the webhosting company for more information, they can provide details of IP address that was used to logon and can help with investigations.
0
 
LVL 3

Author Comment

by:pma111
ID: 24425823
Could you ellaborate warturtle, are you saying if someone had say aol broadband as their internet service provider, but say the suspect email account was a hotmail email account suspect@hotmail.com, would the email header have some refernce to aol somewhere?
0
 
LVL 3

Accepted Solution

by:
Cameron_S earned 500 total points
ID: 24425857
What warturtle is saying is that the webmail (say Hotmail in your example) server administrators could see that the person using the webmail account was using AOL broadband. AOL Broadband admins could then in turn track it down to a physical location (house, internet cafe).

The e-mail header will simply state the server of origin, i.e. Hotmail.
0
 
LVL 16

Assisted Solution

by:warturtle
warturtle earned 500 total points
ID: 24426326
Yes, that is exactly what I was trying to say. Thanks, Cameron_S :)

Just to explain by taking your example - if someone uses AOL Broadband and accesses their hotmail account - suspect@hotmail.com to send an email to innocentyou@gmail.com then you can see the email headers and find out that the email actually came from hotmail.com (sometimes this is simply visible in the email address that the mail came from in this case its hotmail).

But, if the email came from asfdasd@askjfhasd.com , then you can see the email headers to see the IP address or the domain name of the actual server that sent the email. Then, you can do a tracert to find out which webhosting company has that IP address. And then, after that you can follow the advice from Cameron_S to take your investigations further ;-)

Hope it helps.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out the latest tech news, community articles, and expert highlights in August's newsletter.
Check out what's been happening in the Experts Exchange community.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

671 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question