Solved

email headers

Posted on 2015-01-30
14
103 Views
Last Modified: 2015-02-01
I get lots of emails and many times I would like to trace from whom they are, i.e. are they from the usual spam emails hiding behind an IP address and although declaring that they are from whatever country, but are operating from your own very doorstep of the U.S.
Is there any free documentation on how and what to make out from the email headers so that I can identify who they really are. Also I guess there are many tricks some of them use to hide, and also to find if this is what they are.
Or has someone written a comprehensive book, I know that the IT is revolving, but something that is close to the latest information, would help.
Also to understand the various terminology and what they mean when I trace an IP address, like "Microsoft hosting", etc. etc.
Thank you.
Question by:jegajothy
14 Comments
 
LVL 92

Assisted Solution

by:John Hurst
John Hurst earned 300 total points
ID: 40580859
First, spammers obfuscate their headers, so analyzing spam headers is neither enlightening nor satisfying in most cases. MUCH easier just to filter spam out. I do the latter.

That said, open a message in Outlook, and select File, Properties and a Window with the Headers opens. You can copy the headers to Notepad and review more easily. Start here, because the tools are readily available.

If you see an IP address you would like to track, you can use online WHOIS services.
0
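An added example, not part of any post in this thread: once headers have been copied out of the mail client as described above, the `Received:` lines can be walked in Python to list each relay hop and pick out the public IP addresses worth a WHOIS lookup. The sample headers are constructed (documentation IP ranges, example domains), and the names `received_hops` and `whois_candidates` are illustrative; only the line added by your own mail provider is trustworthy, since earlier ones are written by whoever sent or relayed the message.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: documentation IP ranges and example domains only.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby inbox.example.org with ESMTP id abc123;
\tFri, 30 Jan 2015 10:02:11 -0500
Received: from relay.example.com (unknown [203.0.113.45])
\tby mx.example.net with SMTP id def456;
\tFri, 30 Jan 2015 10:02:05 -0500
Received: from [192.168.1.20] (helo=desktop)
\tby relay.example.com with ESMTP id ghi789;
\tFri, 30 Jan 2015 10:02:01 -0500
From: sender@example.com
Subject: constructed test message
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
# Ranges that never identify a host on the public Internet.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
             "127.0.0.0/8", "169.254.0.0/16")]

def received_hops(raw):
    """Return the relay path oldest-first as dicts with ip/internal/by."""
    hops = []
    # Every server prepends its own Received line, so reverse the list.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        flat = " ".join(value.split())          # undo header folding
        from_part, _, rest = flat.partition(" by ")
        match = IP_RE.search(from_part)
        try:
            addr = ipaddress.ip_address(match.group(1)) if match else None
        except ValueError:                      # e.g. [999.1.1.1]
            addr = None
        hops.append({
            "ip": str(addr) if addr is not None else None,
            "internal": addr is not None and any(addr in n for n in INTERNAL),
            "by": rest.split(" ", 1)[0] if rest else None,
        })
    return hops

def whois_candidates(raw):
    """Public IPs along the path, oldest-first, worth a WHOIS lookup."""
    return [h["ip"] for h in received_hops(raw) if h["ip"] and not h["internal"]]
```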
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40580925
In addition, a lot of spam is sent out from virus infected personal computers.  The owners usually have no idea that they are sending it.  The virus "phones home" to the control computer and gets the next batch of spam to send.  It is not unusual for me to get the same spam from 2 to 10 different email addresses / IP addresses.

The good news is that the FBI, Microsoft, Google, and Yahoo and others are constantly tracking down these people to shut them down.  They are doing it because it uses up so much in the way of resources on their mail servers.  I've seen it estimated that the mail services bounce 80% of the spam before it even gets to you and that 80% or more of the emails they get are spam.  If they could get rid of spam, they could use fewer servers and network resources.
0
 

Author Comment

by:jegajothy
ID: 40580939
In response to John and Dave, I was looking for something, like a paper written by somebody or a well written book so that I can be educated better whenever I receive an email, spam or real. Thank you.
0
 
LVL 92

Assisted Solution

by:John Hurst
John Hurst earned 300 total points
ID: 40580940
You are looking for something like this.

http://www.amazon.ca/Spam-Nation-Organized-Cybercrime--Epidemic/dp/1402295618/ref=sr_1_2?ie=UTF8&qid=1422665552&sr=8-2&keywords=books+on+spam

There is more than one book on spam, but this one looks decent.
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 200 total points
ID: 40580953
Here http://www.cybercrimejournal.com/Yu2011ijcc.pdf is a report published in the Cyber Crime Journal about the characteristics of spam emails.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40581149
Are you already finished with RFC 821, 822, 2821, 2822?
0
 

Author Comment

by:jegajothy
ID: 40581380
In response to gheist, not sure what RFC stands for, and also what you are referring to.
I am seeing if there is something out already written how to educate myself on the jargon on the email headers, what it means, or implies, or more information who is the author, or hiding behind someone else, like that.
0

 
LVL 92

Expert Comment

by:John Hurst
ID: 40581394
RFC stands for Request for Comments. An RFC is a publication of the Internet Engineering Task Force (IETF) and the Internet Society, the principal technical development and standards-setting bodies for the Internet.

Methinks a regular book might be better for you.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40581512
Wikipedia does not hurt either....
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 200 total points
ID: 40581679
This article tells why you won't often find the IP addresses of the real spammers.  http://www.cnet.com/news/microsoft-hands-rustock-botnet-case-over-to-fbi/
According to Microsoft, Cosma2k is the handle of the alleged ringleader of the Rustock botnet, which earlier this year was the purveyor of more e-mail spam than any other network in the world, sending as many as 30 billion messages a day at its peak.
0
 

Author Comment

by:jegajothy
ID: 40581914
To everyone who responded, do you know of any forum that discusses these IP issues and spam-like subjects, where I can browse? Thank you.
0
 
LVL 92

Accepted Solution

by:
John Hurst earned 300 total points
ID: 40581916
One good web reference, highly used and well done, is http://www.spamhaus.org/

Most of what you need is in there. There are others, of course.
0
 

Author Closing Comment

by:jegajothy
ID: 40582406
Thank you, everyone. It goes without saying, it is a very BIG subject.
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 40582407
@jegajothy  - You are very welcome. Yes - Spam is a huge topic. A really good mail ISP will dump 99% or more of all spam without bothering you.
0
