Trace an e-mail address

[AboveTheLogic]

I received an email from someone using roadrunner and it was sent to a gmail account.

Looking at those headers, the closest information I could find was which roadrunner email servers he sent from, maybe he was using webmail. I can't imagine a way that you could trace someone's NAT address if they send through webmail.

Fortunately, locating those servers and having his first and last name, I was able to track the person down.

The email servers were all in one location, and there was a listing in a nearby town with his name.


...hmm maybe I should use webmail more if it is more secure in that aspect

[ComputerKid]

Ok, simply, if they use an online webmail account, it uses an online proxy server. You can't trace their IP from it because that IP server for the webmail could have up a billion other webmail accounts connected to it. If it's one that luckily is unproxied and has a live messaging system, open MS-DOS Command Prompt and do netstat -an or -a or just netstat on it's own.

[heavensangel]

having been abused by hackers i want to ask why you all want to trace people and know where they live ? i am here to escape being hacked by a close relative ....

[wimiadmin]

You don't always trace an e-mail because you're being hacked. Most hackers will find other ways into your computer than via e-mail.....unless they send you a link that takes you to an .exe file.

I mostly trace e-mails when I get SPAM. I run a mail server and if I can narrow down bad IPs, I can block them at the mail server and non of the SPAM gets through.

You can also report abuse to the owner of the IP that they're sending from as well. www.spamcop.net tells you all about that.

Brian

[heavensangel]

ok.... so that is why even though my house comp ip can change 20 times a day the person can still monitor my email activity.... What if i use a secure proxy company?

[AboveTheLogic]

I'm not sure about someone being able to monitor your emails very easily, but the reason I was trying to trace an email is because the person who has possession of the laptop that was stolen from my home emailed us and I tracked him down.

I think I scared him a little bit, and the police wouldn't do anything... what a waste of time...

[heavensangel]

Quote:

Originally Posted by AboveTheLogic

I'm not sure about someone being able to monitor your emails very easily, but the reason I was trying to trace an email is because the person who has possession of the laptop that was stolen from my home emailed us and I tracked him down. I think I scared him a little bit, and the police wouldn't do anything... what a waste of time...

i understand...and feel for you.... there is a programme that monitors email activity cos i saw it on my hackers (a relative) computer !!! it is horrible behaviour ... good luck with laptop retrieval ...

[napper]

Quote:

Originally Posted by wimiadmin

Don't just tell me I'm wrong. Tell us all how to do it.

Hotmail adds the following header to outgoing messages using hotmail.com:

X-Originating-IP: [99.253.XX.XX]

(IP changed for security)

[AboveTheLogic]

Is that IP YOUR actual internet IP that shows up when you go to whatismyip.com?

I suspect it's hotmail's email server's IP, but I only suspect that...

im tempted to get a hotmail account just to test this!

[Shems]

L.S.,

"Information is the most valuable commodity I ever heard of.
Wouldn't you agree?" (Michael Douglas - Wall Street).

What I've noticed is the trace ends at certain servers. Still, I believe -firmly- they're ways to retrieve the information. For one, it takes a level general knowledge and experience. If you notice (like I did) security's your main concern; exploit that fear !!!! For example, I got into how it all worked with those ip-numbers; infinity is unconceivable ?! After a lot of searching (!) I came to the conclusion the internet isn't infinite at all ! Clues; arin, apnic, ripe, iana. I just looked at some apps that -supposedly- can find ip's. I input mine and it came close, but not close enough. Then I searched on a domain I registered and I was suddenly somewhere at the coast of California. Makes no sense; you can virtually do anything in windows what the app does. You just have to know where and how; the app would put a load on your system which makes it harder and slower to connect. I bet if I really wanted to, I could track somebody down;"cmd, nslookup, tracert, pathping" ..... Accessing your ISP' dns-server. Your ip is "reversed and recalculated (hex)"; your ISP turns it into a (sub-) domain-name. If you can find that name and calculate your ip, you'll know what I mean. Suppose you'd be running a file-service; just put "ftp://yuorip" in the address-bar of explorer, iexplore, firefox, run .... and Hoppa! Took me a while to figure it all out and I'm far from done. Now, I've decided to get ms-certified and specify in security. Start with help...

Shems