Tracking Message Path and sender location
SUMMARY
How to track a message history by viewing the message header.
DETAIL
Tracking emails and finding their origin is completed by doing the
following;
Every time an email hits a server or client, a header is
added to the top of the email message. On every message, the bottom of these
headers is the starting point, here is an example of a dissected
header;
Remember, it is back to front, so start in at the bottom of this header
history.
Finally the email was then sent on to another server and most
likely retrieved by a client.
Received: from
rly-yg06.mx.aol.com (rly-yg06.mail.aol.com [172.18.180.102]) by
air-yg01.mail.aol.com (v100.23) with ESMTP id MAILINYG14-78a40ef2bf823; Fri, 09
Jul 2004 19:36:43 -0400
The email was then relayed by the
MailEnable server to an AOL server
Received: from
ns13.root-name-server.net (ns13.root-name-server.net [216.7.186.181]) by
rly-yg06.mx.aol.com (v100.23) with ESMTP id MAILRELAYINYG68-78a40ef2bf823; Fri,
09 Jul 2004 19:36:25 -0400
The email was then received by a
MailEnable server from the localhost (216.7.186.183) at the for mentioned
date.
Received: from localhost ([216.7.186.183]) by
ns13.root-name-server.net with MailEnable ESMTP; Fri, 09 Jul 2004 17:36:21
-0600
This is last line of the header and as such the first
route traveled this extract shows that HOST12(127.0.0.1) was sent from a local
machine using Microsoft SMTP service at the for mentioned
date.
Received: from HOST12 ([127.0.0.1]) by localhost with
Microsoft SMTPSVC (6.0.3790.0); Fri, 9 Jul 2004 17:40:00 -0600
To track down a user, search in the SMTP logs searching for either
the name "localhost" which the email sender put down as their senders address or
the IP address "216.7.186.183" in this case which is the IP address that was
used to send to the MailEnable server and possibly authenticate
with.
Tracking messages that go through MailEnable using the logs is
talked about at the following link;
http://www.mailenable.com/kb/content/article.asp?ID=ME020252
MORE INFORMATION
How to track messages as they pass through MailEnable?: http://www.mailenable.com/kb/content/article.asp?ID=ME020252
How to troubleshoot SMTP Connectivity issues and analyse log files?: http://www.mailenable.com/kb/content/article.asp?ID=ME020170
| Product: | MailEnable (All Versions) |
| Article: | ME020338 |
| Module: | General |
| Keywords: | tracking,pass,headers,IP,tracing,message,history,mail,header,view,track,sender |
| Class: | HOWTO: Product Instructions |
| Revised: | Friday, December 1, 2017 |
| Author: | MailEnable |
| Publisher: | MailEnable |
- Mail Server
- Overview
- Features
- Comparisons
- Solutions
- Product Editions
- Feature Matrix
- Webmail Demo
- Video Gallery
- Migrate To MailEnable
- Testimonials