FAIDA (a Hindi word, meaning 'profit, gain') is an OPT-IN newsletter for manufacturers, exporters, importers, traders, service providers and all others looking for opportunities in Indian and overseas markets.
It contains information on buy offers from Indian and overseas buyers, agency and distribution opportunities, marketing tips and other market related information.
Year 2004
How to Track an E-mail - Part 3

Locating Actual Sender from Header Analysis

Every e-mail has a header that stores significant information about the sender of the e-mail and the path it traversed before reaching your mailbox. In earlier issues, we discussed how to read e-mail headers and the various header elements. In this issue, we shall discuss how to locate the actual sender of an e-mail and his/her geographical location.

Considering the anonymous nature of the Internet, this is a vital piece of information for every e-business. If you receive an e-mail from a 'customer' with a US postal address but discover that the e-mail was sent from an African country - you know what to do!

Users of free web-based e-mail services like Yahoo, Rediffmail, Hotmail etc. may think that their true identity and location are hidden. In reality, one may still find information about them by analyzing their e-mail headers.

'Received:' Headers

Of all the header elements we have discussed, 'Received:' headers are the most important for identifying the sender's country. One reason is that 'Received:' headers are the most difficult to tamper with.

Headers are just textual data, so any header element can be forged and fake ones inserted, up to a point. Only the headers added by servers that you trust can be considered reliable.

Every time an e-mail moves through a new mail server, a new Received header line (and possibly other header lines) is added to the beginning of the headers list. This means that as you read the Received headers from top to bottom, you are gradually moving closer to the computer/person that sent you the e-mail.

But please note that as you read down through the Received header fields and get closer to the computer/person that sent you the e-mail, you need to consider the possibility that the sender added one or more false Received header lines to the list (at what was, at that time, the sender's beginning of the list) in an attempt to redirect you to another location and prevent you from finding the true sender. Now that you know false header lines are possible, just stay alert.

Reading 'Received:' Header

Consider the following e-mail header and its interpretation:

1. Received: from [216.136.225.35] (helo=web20024.mail.yahoo.com)
2.     by arjuna.banijya.com with smtp (Exim 4.43)
3.     id 1CPhNE-0002Qt-0T
4.     for info@infobanc.com; Thu, 04 Nov 2004 07:09:56 -0600
5. Received: from [69.132.4.255] by web20024.mail.yahoo.com via
6.     HTTP; Thu, 04 Nov 2004 05:09:53 PST

I have added line numbers for clarity and to help the discussion - you will not see such line numbers in an actual e-mail header.

Interpretation

Lines 1 - 4: Mail server arjuna.banijya.com receives a mail for one of its clients (info@infobanc.com) from mail server web20024.mail.yahoo.com, which has the IP address 216.136.225.35.

Lines 5 - 6: Mail server web20024.mail.yahoo.com receives a mail from IP 69.132.4.255.

By the way, IP stands for Internet Protocol. The Internet uses a technology called TCP/IP to interlink the millions of computers in its fold. The core of this technology is called IP addressing or Internet Protocol addressing. Every computer connected to the Internet is given a unique number for identification, called an IP number. The IP number is used to verify the location and activities of any computer. Your ISP assigns you an IP address each time you connect to the Internet.

It is evident from the header interpretation that the actual sender is the one at the bottom of the series of 'Received:' headers and the recipient is at the top. In other words, mail server web20024.mail.yahoo.com received an e-mail from IP address 69.132.4.255.

So IP address 69.132.4.255 is the sender of this e-mail.

Interestingly, this sender used a free web-based e-mail service (yahoo.com) to send this e-mail - still, his/her identity can be traced using the IP address 69.132.4.255 found in the mail header.
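
The top-to-bottom walk described above, stopping at the first 'Received:' line that was not added by a server you trust, can be automated. The following is an added example, not part of the original article; the function names, the trusted-host sets and the forged third hop are assumptions made for illustration.

```python
import re
from email import message_from_string

# Header block from the article (line numbers removed), folded as in a raw message.
ARTICLE_HEADERS = (
    "Received: from [216.136.225.35] (helo=web20024.mail.yahoo.com)\n"
    "\tby arjuna.banijya.com with smtp (Exim 4.43)\n"
    "\tid 1CPhNE-0002Qt-0T\n"
    "\tfor info@infobanc.com; Thu, 04 Nov 2004 07:09:56 -0600\n"
    "Received: from [69.132.4.255] by web20024.mail.yahoo.com via\n"
    "\tHTTP; Thu, 04 Nov 2004 05:09:53 PST\n\n"
)
# Constructed sample: the same message with a false hop pre-inserted by the sender.
FORGED_HEADERS = ARTICLE_HEADERS.rstrip("\n") + (
    "\nReceived: from [192.0.2.77] by mail.example.net; Thu, 04 Nov 2004 04:00:00 PST\n\n"
)

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # bracketed IPv4 only
BY_RE = re.compile(r"\bby\s+([A-Za-z0-9.-]+)")
NAME_RE = re.compile(r"helo=([A-Za-z0-9.-]+)|\bfrom\s+([A-Za-z0-9.-]+)")

def parse_hops(raw):
    """Return the Received hops, top to bottom, as dicts: from_ip, from_name, by."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        value = " ".join(value.split())  # unfold continuation lines
        ip, by, name = IP_RE.search(value), BY_RE.search(value), NAME_RE.search(value)
        hops.append({
            "from_ip": ip.group(1) if ip else None,
            "from_name": (name.group(1) or name.group(2)) if name else None,
            "by": by.group(1) if by else None,
        })
    return hops

def trace_origin(raw, trusted_by):
    """Deepest connecting IP recorded by an unbroken chain of trusted servers.
    A hop is accepted only if its 'by' host is trusted and, below the top hop,
    equals the peer name the hop above recorded. That name is claimed by the
    peer, so this is a consistency check, not proof of who connected."""
    origin, expected_by = None, None
    for i, hop in enumerate(parse_hops(raw)):
        if hop["by"] not in trusted_by or (i > 0 and hop["by"] != expected_by):
            break
        origin = hop["from_ip"]
        expected_by = hop["from_name"]
    return origin
```

If you trust only your own server, the walk stops after the first header and the result is the IP address of the server that handed the mail to you.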

Locating Sender's Country from IP Address

Spammers and fraudsters may forge many header elements like 'From:', 'Received-date:' etc., but it is very difficult to change the IP addresses inserted by mail servers. At best, they may insert fake 'Received:' headers to confuse the recipient.

Once you locate the IP address of the actual sender's mail server or computer, it is possible to determine its geographical location or country.

In the next issue, we shall discuss the various free and paid Internet resources available for extracting information on a given IP address.


Happy and Productive Surfing
Author : Dr. Amit K. Chatterjee
(Amit worked in blue-chip Indian companies and MNCs for 15 years in various capacities like Research and Information Analysis, Market Development, MIS, R&D Information Systems etc. before starting his e-commerce venture in 1997. The views expressed in this column are his own.)

All Rights Reserved. Copyright © 2006 Faida (www.faida.info) - Newsletter (e-zine) on export import trade
over internet (e-commerce) for manufacturers and exporters looking for opportunities in India and abroad