Solved

email headers

Posted on 2015-01-30
Last Modified: 2015-02-01
I get lots of emails and many times I would like to trace from whom they are, i.e. are they from the usual spam emails hiding behind an IP address and, although declaring that they are from whatever country, operating from your very own doorstep in the U.S.
Is there any free documentation on how and what to make out from the email headers so that I can identify who they really are? Also, I guess there are many tricks some of them use to hide, and also ways to find out if this is what they are doing.
Or has someone written a comprehensive book? I know that IT is evolving, but something that is close to the latest information would help.
Also, to understand the various terminology and what it means when I trace an IP address, like "Microsoft hosting", etc.
Thank u.
Question by:jegajothy
14 Comments
 
LVL 100

Assisted Solution

by:John Hurst
John Hurst earned 1200 total points
ID: 40580859
First, spammers obfuscate their headers, so analyzing spam headers is neither enlightening nor satisfying in most cases. MUCH easier just to filter spam out. I do the latter.

That said, open a message in Outlook, and select File, Properties and a Window with the Headers opens. You can copy the headers to Notepad and review more easily. Start here, because the tools are readily available.

If you see an IP address you would like to track, you can use online WHOIS services.
0
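An added example, not part of the original answers: one way to read the `Received` chain from copied headers and pick the single IP address worth a WHOIS lookup. The sample message, the hostnames, and the helper names `received_hops` and `handoff_ip` are constructed for illustration; only hops stamped by your own provider's servers (passed in as `trusted_hosts`) are treated as reliable, since anything earlier is written by the sending side.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: example domains, RFC 5737 documentation address as the outside IP.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [10.0.0.5])
\tby mailstore.recipient.example with ESMTP id abc123;
\tFri, 30 Jan 2015 10:00:05 -0500
Received: from relay.sender.example (unknown [203.0.113.45])
\tby mx.recipient.example with ESMTP id def456;
\tFri, 30 Jan 2015 10:00:03 -0500
Received: from [192.168.1.20] (helo=desktop)
\tby relay.sender.example with SMTP id ghi789;
\tFri, 30 Jan 2015 10:00:01 -0500
From: "Some Sender" <someone@sender.example>
Subject: constructed test message

body
"""

# ipaddress.is_private also flags documentation ranges, so internal nets are listed explicitly.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]
BRACKET_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # IPv4 literals only

def received_hops(raw):
    """Return Received hops oldest-first with the 'from' text, 'by' host and bracketed IP."""
    hops = []
    # Each server prepends its own Received line, so the list is reversed to get oldest-first.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        flat = " ".join(value.split()).rsplit(";", 1)[0]  # unfold, drop trailing date
        m = re.match(r"from (.*?) by (\S+)", flat)
        ip = BRACKET_IP.search(m.group(1) if m else flat)
        addr = ipaddress.ip_address(ip.group(1)) if ip else None
        hops.append({"from": m.group(1) if m else None, "by": m.group(2) if m else None,
                     "ip": str(addr) if addr else None,
                     "internal": addr is not None and any(addr in n for n in INTERNAL)})
    return hops

def handoff_ip(raw, trusted_hosts):
    """IP that connected to the first trusted server; older hops are unverified claims."""
    candidate = None
    for hop in reversed(received_hops(raw)):  # walk newest-first
        if hop["by"] not in trusted_hosts:
            break  # this line was not written by a server we trust
        if hop["ip"] and not hop["internal"]:
            candidate = hop["ip"]
    return candidate
```

With the sample, `handoff_ip(SAMPLE, {"mx.recipient.example", "mailstore.recipient.example"})` returns the address that delivered the message to the recipient's border server, which is the one to look up in WHOIS.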
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 40580925
In addition, a lot of spam is sent out from virus infected personal computers.  The owners usually have no idea that they are sending it.  The virus "phones home" to the control computer and gets the next batch of spam to send.  It is not unusual for me to get the same spam from 2 to 10 different email addresses / IP addresses.

The good news is that the FBI, Microsoft, Google, and Yahoo and others are constantly tracking down these people to shut them down.  They are doing it because it uses up so much in the way of resources on their mail servers.  I've seen it estimated that the mail services bounce 80% of the spam before it even gets to you and that 80% or more of the emails they get are spam.  If they could get rid of spam, they could use fewer servers and network resources.
0
 

Author Comment

by:jegajothy
ID: 40580939
In response to John and Dave, I was looking for something like a paper written by somebody or a well-written book so that I can be educated better whenever I receive an email, spam or real. Thank u.
0
 
LVL 100

Assisted Solution

by:John Hurst
John Hurst earned 1200 total points
ID: 40580940
You are looking for something like this.

http://www.amazon.ca/Spam-Nation-Organized-Cybercrime--Epidemic/dp/1402295618/ref=sr_1_2?ie=UTF8&qid=1422665552&sr=8-2&keywords=books+on+spam

There is more than one book on spam, but this one looks decent.
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 800 total points
ID: 40580953
Here http://www.cybercrimejournal.com/Yu2011ijcc.pdf is a report published in the Cyber Crime Journal about the characteristics of spam emails.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40581149
Are you already finished with RFC 821, 822, 2821, 2822?
0
 

Author Comment

by:jegajothy
ID: 40581380
In response to gheist, not sure what RFC stands for, and also what u are referring to.
I am seeing if there is something out already written how to educate myself on the jargon on the email headers, what it means, or implies, or more information who is the author, or hiding behind someone else, like that.
0
 
LVL 100

Expert Comment

by:John Hurst
ID: 40581394
RFC stands for Request for Comments. An RFC is a publication of the Internet Engineering Task Force (IETF) and the Internet Society, the principal technical development and standards-setting bodies for the Internet.

Methinks a regular book might be better for you.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40581512
Wikipedia does not hurt either....
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 800 total points
ID: 40581679
This article tells why you won't often find the IP addresses of the real spammers.  http://www.cnet.com/news/microsoft-hands-rustock-botnet-case-over-to-fbi/
According to Microsoft, Cosma2k is the handle of the alleged ringleader of the Rustock botnet, which earlier this year was the purveyor of more e-mail spam than any other network in the world, sending as many as 30 billion messages a day at its peak.
0
 

Author Comment

by:jegajothy
ID: 40581914
To everyone who responded, do u know of any forum that discusses these IP issues and spam-like subjects, where I can browse? Thank u.
0
 
LVL 100

Accepted Solution

by:
John Hurst earned 1200 total points
ID: 40581916
One good web reference, highly used and well done is http://www.spamhaus.org/

Most of what you need is in there. There are others, of course.
0
 

Author Closing Comment

by:jegajothy
ID: 40582406
thank u everyone, it goes without saying, it is a very BIG subject.
0
 
LVL 100

Expert Comment

by:John Hurst
ID: 40582407
@jegajothy  - You are very welcome. Yes - Spam is a huge topic. A really good mail ISP will dump 99% or more of all spam without bothering you.
0
