Q U E S T I O N: If you want to find where an e-mail sent to you originated from, meaning the location of the computer used to send it to you, how do you go about doing that? — Una H.
A N S W E R: A good question, indeed, and one to which there is a good answer. Sort of. Embedded in every e-mail message is about half a printed page of mostly-technical routing data in the form of something called e-mail headers. These headers are the equivalent of the footprints an e-mail message has left on its journey over the wires, servers, and routers that constitute the Internet. All that information makes it theoretically possible to trace any e-mail message back to its source.
But there is a problem. Some of those e-mail headers can be forged. And for the most part, the only e-mail senders who would bother to tamper with e-mail headers are precisely the ones whom you might want to track down. When friends or colleagues send you a quick e-mail message, they probably have no reason to muck around in their e-mail programs to falsify information about where the message originated, right?
On the other hand, there’s the shady world of e-mail spammers and scammers who send e-mails with subject lines like the one I received recently: “Meet The Richest People on Earth.” That message promised to put “at least $122,400.00 in [my] pocket Risk-Free within the next 60-90 Days.” Someone like that may well have a reason to cover his (or her) tracks.
A Head Start

In any case, let’s take a look at e-mail headers, starting with the basics. If you call up your e-mail program you’ll probably find the following headers: From, To, Cc, maybe Bcc, Subject, and some information on when the e-mail was created and sent under headings like Date, or Sent and Received. All of these fields are pretty self-explanatory and if the person in the From header is on the up-and-up, all you really have to do is hit Reply to send the sender a message asking where they sent the message from, and you’re set.
But that’s not really the question you asked, Una, is it?
If you really want to trace an e-mail back to its origins, you need to take a look at the extended e-mail header. How you expose that depends on your e-mail program, but there is a command or a button somewhere that will call up all of the headers for you. (I do it by selecting View and then Options, which calls up a window that includes all of the header information.)
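For readers who save the raw message to a file, here is an added example (not part of the original column) that walks the Received lines of an extended header and marks which hops can be believed, given that anything not stamped by a server you trust may have been forged. The sample message, host names, and the `trace` and `earliest_reliable_ip` helpers are constructed for illustration, and the pattern assumes the common "from name (rdns [ip]) by host" layout.

```python
import re
from email import message_from_string

# Constructed sample (not from the column). Hosts and IPs are reserved example values.
RAW = """\
Received: from mx.provider.example (mx.provider.example [192.0.2.10])
\tby mail.myisp.example with ESMTP id A1; Tue, 01 Jan 2002 10:00:05 -0500
Received: from relay.unknown.example (unknown [198.51.100.7])
\tby mx.provider.example with SMTP id B2; Tue, 01 Jan 2002 10:00:02 -0500
Received: from bigbank.example (localhost [127.0.0.1])
\tby relay.unknown.example with SMTP id C3; Tue, 01 Jan 2002 09:59:58 -0500
From: winner@bigbank.example
To: reader@myisp.example
Subject: Meet The Richest People on Earth

(body)
"""

# "from <claimed name> (<rdns> [<peer ip>]) ... by <stamping host>"
HOP = re.compile(
    r"from\s+(\S+)\s+\((?:\S+\s+)?\[([0-9A-Fa-f.:]+)\]\).*?\bby\s+(\S+)", re.S)

def trace(raw, trusted):
    """List hops newest-first. Each server prepends its own Received line, so
    the top line comes from your mail server. A hop is reliable only while
    every line from the top down to it was stamped by a host in `trusted`;
    everything below that point could have been written by the sender."""
    hops, reliable = [], True
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        name, ip, by = m.groups() if m else (None, None, None)
        reliable = reliable and by in trusted
        hops.append({"from": name, "ip": ip, "by": by, "reliable": reliable})
    return hops

def earliest_reliable_ip(raw, trusted):
    """Peer address recorded by the deepest hop that is still reliable."""
    good = [h for h in trace(raw, trusted) if h["reliable"]]
    return good[-1]["ip"] if good else None

if __name__ == "__main__":
    mine = {"mail.myisp.example", "mx.provider.example"}
    for hop in trace(RAW, mine):
        flag = "ok  " if hop["reliable"] else "??? "
        print(flag, hop["ip"], "claimed", hop["from"], "stamped by", hop["by"])
    print("trace back no further than:", earliest_reliable_ip(RAW, mine))
```
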
By way of an example, I am using a pretend e-mail message. I have changed a number of parts to the message header below, including the domain name of my e-mail address … “email@example.com is not my real e-mail address.” (So please don’t try to send me email at that address, okay?) Here are some fictitious extended headers: