Solved

check from which account/username an email sent in outlook 2010

Posted on 2016-09-21
15
29 Views
Last Modified: 2016-10-17
Hi,
We have outlook 2010 in a local network of 13 computer  (internal network) at work.
someone sent an email from this network to another person in same network without reveal his ID.

the question is: how can i reveal the id/account/username/computer info about the person who send this email ?
0
Comment
Question by:drtopserv
  • 7
  • 6
15 Comments
 
LVL 16

Assisted Solution

by:Ivan
Ivan earned 250 total points (awarded by participants)
ID: 41809445
Hi,

can you try with message tracking?

Regards,
Ivan.
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 41809472
Open Outlook, then open the email, then select File and then Properties. That will open up the Message Headers. Look for Message ID to see where it came from .
1
 

Author Comment

by:drtopserv
ID: 41809912
What is massage tracking?
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 41810567
Message tracking is in Exchange.

Did you find the Message ID as suggested?  It should tell you where the email comes from
0
 

Author Comment

by:drtopserv
ID: 41814457
Received: from EX-MBX03.mac.org.il ([fe80::7d93:e98c:ccb9:61e5]) by

EX-Hub01.mac.org.il ([fe80::a89c:c411:ec9b:d65f%11]) with mapi id

14.03.0169.001; Tue, 20 Sep 2016 14:12:08 +0300

Content-Type: application/ms-tnef; name="winmail.dat"

Content-Transfer-Encoding: binary

From: =?windows-1255?B?7uvh6SD04PjtIPD68OnkLe746+Y=?= <bm-netanya@mac.org.il>

To: =?windows-1255?B?+ef4IO7x+A==?= <messer_s@mac.org.il>,

            =?windows-1255?B?8uPpIPLm+A==?= <azar_adi@mac.org.il>,

            =?windows-1255?B?7un46SDg7Ony5iDi4eX4?= <eliaz_m@mac.org.il>,

            =?windows-1255?B?4Onu4O8g5+Dx9+nk?= <khaskia_i@mac.org.il>

Subject: =?windows-1255?B?+vTx6ffp?=

Thread-Topic: =?windows-1255?B?+vTx6ffp?=

Thread-Index: AdITLuKo8a3Y9C+vTbKx+8xMsnTVgw==

Date: Tue, 20 Sep 2016 14:12:08 +0300

Message-ID: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>

Accept-Language: he-IL, en-US

Content-Language: he-IL

X-MS-Has-Attach:

X-MS-Exchange-Organization-SCL: -1

X-MS-TNEF-Correlator: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>

MIME-Version: 1.0

X-MS-Exchange-Organization-AuthSource: EX-Hub01.mac.org.il

X-MS-Exchange-Organization-AuthAs: Internal

X-MS-Exchange-Organization-AuthMechanism: 04

X-MS-Exchange-Organization-AVStamp-Mailbox
0
 

Author Comment

by:drtopserv
ID: 41814458
i have copy paste it to you.
what i can get from this info?
0
 
LVL 92

Accepted Solution

by:
John Hurst earned 250 total points (awarded by participants)
ID: 41814639
Use the message ID lines to see where the email is coming from:

Message-ID: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:drtopserv
ID: 41814661
how to do it exactly.
I`m a user , i don`t have any access to the server.
only have access to all clients computer .
and i`m sure the anonymous user send the email from one of these clients computers.
by the way, the users have access to the emails also from there cell phone.
maybe he sent it from his cell phone ~.
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 41814665
You need an administrator of the Exchange system to do this for you. You cannot do it as a user.
0
 

Author Comment

by:drtopserv
ID: 41814669
is there anyway to try to figure out from clients computers??
and what that msg-ID will give exactly?
0
 
LVL 92

Assisted Solution

by:John Hurst
John Hurst earned 250 total points (awarded by participants)
ID: 41814674
The message ID is in the properties of the email. My first post here. Use that.

In Message-ID: <F3D3391A3F81474890A4A4175BD25E93DAAE50CA@EX-Mbx03.mac.org.il>  , the sender came from EX-Mbx03.mac,org.il

You really need the Exchange Administrator to give you the name of the sender.  
F3D3391A3F81474890A4A4175BD25E93DAAE50CA does not mean anything (to me)
0
 

Author Comment

by:drtopserv
ID: 41814748
another question, can i know the client computer ip, from where the email sent?
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 41814857
It might be in the headers or obfuscated. You need to look up the IP of the message ID in smart Whois.
0
 

Author Comment

by:drtopserv
ID: 41819648
aha , i will ask server admin .
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you don't know how to downgrade, my instructions below should be helpful.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
how to add IIS SMTP to handle application/Scanner relays into office 365.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now