email headers

Posted on 2015-01-30
Last Modified: 2015-02-01
I get lots of emails and many times I would like to trace from whom they are, i.e. are they from the usual spam emails hiding behind an IP address and, although declaring that they are from whatever country, are operating from your own very doorstep of the U.S.
Is there any free documentation on how and what to make out from the email headers so that I can identify who they really are? Also I guess there are many tricks some of them use to hide, and also to find if this is what they are.
Or has someone written a comprehensive book? I know that the IT is revolving, but something that is close to the latest information would help.
Also to understand the various terminology and what they mean when I trace an IP address, like "Microsoft hosting", etc.
Thank u.
0
Question by:jegajothy
 
LVL 97

Assisted Solution

by:Experienced Member
Experienced Member earned 1200 total points
ID: 40580859
First, spammers obfuscate their headers, so analyzing spam headers is neither enlightening nor satisfying in most cases. MUCH easier just to filter spam out. I do the latter.

That said, open a message in Outlook, and select File, Properties and a Window with the Headers opens. You can copy the headers to Notepad and review more easily. Start here, because the tools are readily available.

If you see an IP address you would like to track, you can use online WHOIS services.
0
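One way to read headers copied out of a mail client before turning to WHOIS, as an added example that is not part of the original answers: it walks the `Received` lines newest-first and returns the one address recorded by your own provider, since everything below that line was written by the sending side and can be forged. The sample message, host names and the `TRUSTED_BY` set are constructed assumptions; only IPv4 literals are handled.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: example domains and RFC 5737 documentation addresses.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
    by mailstore.recipient.example with ESMTP id A1; Fri, 30 Jan 2015 10:00:05 -0500
Received: from mail.sender.example (unknown [203.0.113.45])
    by mx.recipient.example with ESMTP id B2; Fri, 30 Jan 2015 10:00:03 -0500
Received: from [10.1.2.3] (helo=pc)
    by mail.sender.example with SMTP; Fri, 30 Jan 2015 09:59:58 -0500
From: "Your Bank" <alerts@bank.example>
Subject: Account notice

body
"""

# Assumption: host names of your own mail provider's servers.
TRUSTED_BY = {"mailstore.recipient.example", "mx.recipient.example"}
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # bracketed IPv4 only

def is_internal(ip):
    try:
        return any(ipaddress.ip_address(ip) in n for n in INTERNAL)
    except ValueError:  # missing, malformed or forged literal
        return False

def received_hops(raw, trusted_by=TRUSTED_BY):
    """Hops newest-first. 'trusted' holds only for the unbroken run of
    Received lines, counted from the top, stamped by our own servers."""
    hops, trusted = [], True
    for value in message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())  # unfold continuation lines
        from_part, _, by_part = flat.partition(" by ")
        by_host = by_part.split()[0].rstrip(";") if by_part else None
        trusted = trusted and by_host in trusted_by
        m = IP_RE.search(from_part)
        ip = m.group(1) if m else None
        hops.append({"by": by_host, "ip": ip, "trusted": trusted,
                     "internal": is_internal(ip)})
    return hops

def whois_candidate(raw, trusted_by=TRUSTED_BY):
    """IP recorded by the last trusted hop: the host that really connected
    to our provider. Lower lines come from the sender's side."""
    trusted = [h for h in received_hops(raw, trusted_by) if h["trusted"]]
    return trusted[-1]["ip"] if trusted else None
```

For the sample, `whois_candidate(SAMPLE)` returns the address of the relay that connected to the recipient's server; the private `10.1.2.3` hop below it is untrusted and not worth a WHOIS lookup.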
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40580925
In addition, a lot of spam is sent out from virus-infected personal computers.  The owners usually have no idea that they are sending it.  The virus "phones home" to the control computer and gets the next batch of spam to send.  It is not unusual for me to get the same spam from 2 to 10 different email addresses / IP addresses.

The good news is that the FBI, Microsoft, Google, and Yahoo and others are constantly tracking down these people to shut them down.  They are doing it because it uses up so much in the way of resources on their mail servers.  I've seen it estimated that the mail services bounce 80% of the spam before it even gets to you and that 80% or more of the emails they get are spam.  If they could get rid of spam, they could use fewer servers and network resources.
0
 

Author Comment

by:jegajothy
ID: 40580939
In response to John and Dave, I was looking for something, like a paper written by somebody or a well written book so that I can be educated better whenever I receive an email, spam or real. Thank u.
0
 
LVL 97

Assisted Solution

by:Experienced Member
Experienced Member earned 1200 total points
ID: 40580940
You are looking for something like this.

http://www.amazon.ca/Spam-Nation-Organized-Cybercrime--Epidemic/dp/1402295618/ref=sr_1_2?ie=UTF8&qid=1422665552&sr=8-2&keywords=books+on+spam

There is more than one book on spam, but this one looks decent.
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 800 total points
ID: 40580953
Here http://www.cybercrimejournal.com/Yu2011ijcc.pdf is a report published in the Cyber Crime Journal about the characteristics of spam emails.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40581149
Are you already finished with RFC 821, 822, 2821, 2822?
0
 

Author Comment

by:jegajothy
ID: 40581380
In response to gheist, not sure what RFC stands for, and also what u are referring to.
I am seeing if there is something out already written how to educate myself on the jargon on the email headers, what it means, or implies, or more information who is the author, or hiding behind someone else, like that.
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 40581394
RFC stands for Request for Comments. An RFC is a publication of the Internet Engineering Task Force (IETF) and the Internet Society, the principal technical development and standards-setting bodies for the Internet.

Methinks a regular book might be better for you.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40581512
Wikipedia does not hurt either....
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 800 total points
ID: 40581679
This article tells why you won't often find the IP addresses of the real spammers.  http://www.cnet.com/news/microsoft-hands-rustock-botnet-case-over-to-fbi/
According to Microsoft, Cosma2k is the handle of the alleged ringleader of the Rustock botnet, which earlier this year was the purveyor of more e-mail spam than any other network in the world, sending as many as 30 billion messages a day at its peak.
0
 

Author Comment

by:jegajothy
ID: 40581914
To everyone who responded, do u know of any forum that discusses these IP issues and spam-like subjects, where I can browse? Thank u.
0
 
LVL 97

Accepted Solution

by:
Experienced Member earned 1200 total points
ID: 40581916
One good web reference, highly used and well done, is http://www.spamhaus.org/

Most of what you need is in there. There are others, of course.
0
 

Author Closing Comment

by:jegajothy
ID: 40582406
thank u everyone, it goes without saying, it is a very BIG subject.
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 40582407
@jegajothy  - You are very welcome. Yes - Spam is a huge topic. A really good mail ISP will dump 99% or more of all spam without bothering you.
0
