Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 67
  • Last Modified:

check from which account/username an email sent in outlook 2010

Hi,
We have outlook 2010 in a local network of 13 computer  (internal network) at work.
someone sent an email from this network to another person in same network without reveal his ID.

the question is: how can i reveal the id/account/username/computer info about the person who send this email ?
0
drtopserv
Asked:
drtopserv
  • 7
  • 6
3 Solutions
 
IvanSystem EngineerCommented:
Hi,

can you try with message tracking?

Regards,
Ivan.
0
 
John HurstBusiness Consultant (Owner)Commented:
Open Outlook, then open the email, then select File and then Properties. That will open up the Message Headers. Look for Message ID to see where it came from .
1
 
drtopservAuthor Commented:
What is massage tracking?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
John HurstBusiness Consultant (Owner)Commented:
Message tracking is in Exchange.

Did you find the Message ID as suggested?  It should tell you where the email comes from
0
 
drtopservAuthor Commented:
Received: from EX-MBX03.mac.org.il ([fe80::7d93:e98c:ccb9:61e5]) by

EX-Hub01.mac.org.il ([fe80::a89c:c411:ec9b:d65f%11]) with mapi id

14.03.0169.001; Tue, 20 Sep 2016 14:12:08 +0300

Content-Type: application/ms-tnef; name="winmail.dat"

Content-Transfer-Encoding: binary

From: =?windows-1255?B?7uvh6SD04PjtIPD68OnkLe746+Y=?= <bm-netanya@mac.org.il>

To: =?windows-1255?B?+ef4IO7x+A==?= <messer_s@mac.org.il>,

            =?windows-1255?B?8uPpIPLm+A==?= <azar_adi@mac.org.il>,

            =?windows-1255?B?7un46SDg7Ony5iDi4eX4?= <eliaz_m@mac.org.il>,

            =?windows-1255?B?4Onu4O8g5+Dx9+nk?= <khaskia_i@mac.org.il>

Subject: =?windows-1255?B?+vTx6ffp?=

Thread-Topic: =?windows-1255?B?+vTx6ffp?=

Thread-Index: AdITLuKo8a3Y9C+vTbKx+8xMsnTVgw==

Date: Tue, 20 Sep 2016 14:12:08 +0300

Message-ID: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>

Accept-Language: he-IL, en-US

Content-Language: he-IL

X-MS-Has-Attach:

X-MS-Exchange-Organization-SCL: -1

X-MS-TNEF-Correlator: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>

MIME-Version: 1.0

X-MS-Exchange-Organization-AuthSource: EX-Hub01.mac.org.il

X-MS-Exchange-Organization-AuthAs: Internal

X-MS-Exchange-Organization-AuthMechanism: 04

X-MS-Exchange-Organization-AVStamp-Mailbox
0
 
drtopservAuthor Commented:
i have copy paste it to you.
what i can get from this info?
0
 
John HurstBusiness Consultant (Owner)Commented:
Use the message ID lines to see where the email is coming from:

Message-ID: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>
0
 
drtopservAuthor Commented:
how to do it exactly.
I`m a user , i don`t have any access to the server.
only have access to all clients computer .
and i`m sure the anonymous user send the email from one of these clients computers.
by the way, the users have access to the emails also from there cell phone.
maybe he sent it from his cell phone ~.
0
 
John HurstBusiness Consultant (Owner)Commented:
You need an administrator of the Exchange system to do this for you. You cannot do it as a user.
0
 
drtopservAuthor Commented:
is there anyway to try to figure out from clients computers??
and what that msg-ID will give exactly?
0
 
John HurstBusiness Consultant (Owner)Commented:
The message ID is in the properties of the email. My first post here. Use that.

In Message-ID: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>  , the sender came from EX-Mbx03.mac,org.il

You really need the Exchange Administrator to give you the name of the sender.  
F3D3391A3F81474890A4A4175BD25E93DAAE50CA does not mean anything (to me)
0
 
drtopservAuthor Commented:
another question, can i know the client computer ip, from where the email sent?
0
 
John HurstBusiness Consultant (Owner)Commented:
It might be in the headers or obfuscated. You need to look up the IP of the message ID in smart Whois.
0
 
drtopservAuthor Commented:
aha , i will ask server admin .
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now