Quoted:
Quoted: Is it possible to determine what computer an email was sent from?
|
techinaly, yes, praticaly, no.
|
Agree Yes and NO.
this is a email header.
From - Wed Mar 16 14:47:00 2005 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path:<owner-nolist-BUSINESS_ALERT-050316P-p70w0se3*[email protected]*[email protected]> Received: from [205.203.128.130] by Mail.Server.com (GMS 10.03.3304/KX5895.00.ca84ca0a) with ESMTP id raexcaaa for [email protected]; Wed, 16 Mar 2005 14:47:24 -0500 Received: from SBKPRDLISTSERV2 (172.26.150.171) by MAIL3.DOWJONES.COM (LSMTP for Windows NT v1.1b) with SMTP id <[email protected]>; Wed, 16 Mar 2005 14:45:44 -0500 To: [email protected] Message-ID: <6894358.1111002291579.JavaMail.SYSTEM@SBKPRDMAESTRO1> Date: Wed, 16 Mar 2005 14:44:51 -0500 (EST) From: WSJ.com Editors <[email protected]> Subject: NEWS ALERT: J.P. Morgan Chase Settles WorldCom Suit Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-AntiSpam: Checked for restricted content by Gordano's AntiSpam Software
|
If you look at this we can figure out where it came from
Received: from SBKPRDLISTSERV2 (172.26.150.171) by MAIL3.DOWJONES.COM (LSMTP for Windows NT v1.1b)
SBKPRDLISTSERV2 (172.26.150.171) here is the piece we care about
Note this all can be faked that is the NO part.
at which point you need access to the server and routers logs.