hacking problem

some one has been hacking my mail id i want to find out . please send me solution as to how to identify sender through email headers.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Inspect the "Received:" headers. Each server the message passes thru usually inserts such a header line, identifying the server with name and IP and probably more info like the IP the came from. They're to be read backwards, the topmost "Received:" header is the most recent.

If the last line indicates a private range IP, the IP & name of the server in that line might give you at least a hint where the the culprit resides.

If the culprit used webmail, then most providers include some info about the sender's IP into the header ... look out for headers starting with "X-".

If the sender used your account's web mail interface via TOR, you're out of luck even with a good friend at the NSA ... in that case the header info is useless.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SAHIL09Author Commented:
Hi thanks frank , , the header says:
delivered to :xx@gmail.com
Received:by x.x.x.x with SMTP id ############;
             sat,27 jun 2015 00:11:21 -0700 (PDT)
X-RECEIVED :BY Y.Y.Y.Y WITH smtp ID %%%%%%%%%%%;
Received: from smtprelay.h.hostedmail.com(smtprelay0108.b.hostemail.com.(z.z.z.z)
                  by mx.google.com with ESTMP id something
                 for  xx@gmail.com ;
                 date time -0700(PDT)
Received -SPF : temperr (google.com ; error in processing during lookup of bb@uu.com;DNS error )client-ip = z.z.z.z
last line is x-orignationg -ip : t.t.t.t.

i have kept ip address and email id in headers fictitious for privacy.
please addivce can sender be recognized from the above mail.
i tried it came as hosted mail in tucows.com , but server loaded in Ireland.
can we get ip address of sender computer?
Scott CSenior EngineerCommented:
Even easier...

Go to this site...


Click on "Message Analyzer".  Copy and paste the header in the box and hit "Analyze Headers".

Don't know if you will get the originating IP workstation but it's a good shot.
Exploring ASP.NET Core: Fundamentals

Learn to build web apps and services, IoT apps, and mobile backends by covering the fundamentals of ASP.NET Core and  exploring the core foundations for app libraries.

I would give t.t.t.t. a chance to be the originator's IP address, but that might be the web hoster server address. If the latter is the case, you might get data from the provider of that addres about who has it at the time the mail was sent. But that would usually need a court order, which is only given when some crime is involved ...
SAHIL09Author Commented:
OK guys. i would try to get court orders. otherwise not possible to get data who has done it?
Inactive for a long time now ... answers are sufficient, IMHO.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet / Email Software

From novice to tech pro — start learning today.