Tracing an Email

thunderbird email headers
Martin Brinkmann
Jan 21, 2006
Updated • Mar 14, 2014
Email
|
0

Yesterday I posted an article about tracing hackers that try to get in your system. Today I give you one about tracing an emails back to the original sender.

The first thing you have to do is to enable email headers. The site (no longer available, link removed) shows you how to do so using Gmail, Yahoo Mail and MSN Hotmail. All desktop clients should support this feature as well. Email Headers show you additional information about the email, for example the first server that received the email from the sender or IP addresses.

Here is an example of how to display headers on Gmail. Open the email that you want to check, and click on the small down arrow icon in the "from" line. A menu pops up, and you need to select "show original" from it to display all email headers.

gmail-show-headers

ADVERTISEMENT

After explaining how to configure your mail software to display email headers, the site explains the important headers in detail.This is necessary to understand how to use them to trace an email message back to its original sender. Finally the last part of the article shows you how to trace the sender looking upr the senders IP address on the Internet. Its again only helpful if the email was not relayed through botnets, cracked servers or other means of disguising the spammer's original IP address.

Update: You can enable all email headers in Mozilla Thunderbird the following way: Click on View > Headers > All. This should enable detailed headers that you can use to analyze where the email is coming from.

thunderbird email headers

Once you have configured email headers, you need a basic understanding of what you should be looking for to use them effectively. What you basically need to understand is that the sender of an email is not sending it directly to you. The email instead is first send to the sender's email provider from where it is usually send through a number of servers before it reaches your email provider's server from where you can retrieve it in your email client.

To find the sender's IP address, you need to look for the header X-Originating-IP. If that header is not displayed, you need to look at the first received server to find the IP address of the sender. Keep in mind that the IP can still be fake, e.g. if a proxy was used.

Update 2: The original site is no longer available on the Internet, and we have removed the link pointing to it from this article as a consequence.

Advertisement

Related content

Thunderbird 102.9.0 is a security update for the open source email client
gmail android

How to make sure that Gmail notifications on Android are not delayed

Apple don't like AI: start to block AI email app
proton mail bridge interface

The new Proton Mail Bridge is a major improvement
Microsoft’s Outlook Spam Email Filters Are Broken for Many Right Now

Microsoft’s Outlook Spam Email Filters Are Broken for Many Right Now
thunderbird daily

Complete redesign of Thunderbird comes in July 2023

Previous Post: «
Next Post: «

Comments

There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Ghacks Newsletter Sign Up

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up

Advertisement

Hot Discussions

Advertisement

Recently Updated

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2023 - All rights reserved