Originally Posted By PointlessSilly:
Originally Posted By Rodent:
Is it possible to determine what computer an email was sent from?
techinaly, yes, praticaly, no.
Agree Yes and NO.
this is a email header.
From - Wed Mar 16 14:47:00 2005
Received: from [18.104.22.168] by Mail.Server.com (GMS
10.03.3304/KX5895.00.ca84ca0a) with ESMTP id raexcaaa for
joeBlow@somedomain.com.COM; Wed, 16 Mar 2005 14:47:24 -0500
Received: from SBKPRDLISTSERV2 (172.26.150.171) by MAIL3.DOWJONES.COM (LSMTP for Windows NT v1.1b) with SMTP id <5.00000668@MAIL3.DOWJONES.COM>; Wed, 16 Mar 2005 14:45:44 -0500
Date: Wed, 16 Mar 2005 14:44:51 -0500 (EST)
From: WSJ.com Editors <email@example.com>
Subject: NEWS ALERT: J.P. Morgan Chase Settles WorldCom Suit
Content-Type: text/plain; charset=ISO-8859-1
X-AntiSpam: Checked for restricted content by Gordano's AntiSpam Software
If you look at this we can figure out where it came from
Received: from SBKPRDLISTSERV2 (172.26.150.171) by MAIL3.DOWJONES.COM (LSMTP for Windows NT v1.1b)
SBKPRDLISTSERV2 (172.26.150.171) here is the piece we care about
Note this all can be faked that is the NO part.
at which point you need access to the server and routers logs.