AR15.COM
3/16/2005 11:21:39 AM EDT
Is it possible to determine what computer an email was sent from?
3/16/2005 11:26:43 AM EDT
[#1]

Quoted:
Is it possible to determine what computer an email was sent from?



Technically, yes; practically, no.
3/16/2005 11:35:00 AM EDT
[#2]

Quoted:

Quoted:
Is it possible to determine what computer an email was sent from?



Technically, yes; practically, no.



Agree Yes and NO.  

This is an email header.


From - Wed Mar 16 14:47:00 2005
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path:<owner-nolist-BUSINESS_ALERT-050316P-p70w0se3*[email protected]*[email protected]>
Received: from [205.203.128.130] by Mail.Server.com (GMS
10.03.3304/KX5895.00.ca84ca0a) with ESMTP id raexcaaa for
[email protected]; Wed, 16 Mar 2005 14:47:24 -0500
Received: from SBKPRDLISTSERV2 (172.26.150.171) by MAIL3.DOWJONES.COM (LSMTP for Windows NT v1.1b) with SMTP id <[email protected]>; Wed, 16 Mar 2005 14:45:44 -0500
To: [email protected]
Message-ID: <6894358.1111002291579.JavaMail.SYSTEM@SBKPRDMAESTRO1>
Date: Wed, 16 Mar 2005 14:44:51 -0500 (EST)
From: WSJ.com Editors <[email protected]>
Subject: NEWS ALERT: J.P. Morgan Chase Settles WorldCom Suit
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-AntiSpam: Checked for restricted content by Gordano's AntiSpam Software



If you look at this, we can figure out where it came from:
Received: from SBKPRDLISTSERV2 (172.26.150.171) by MAIL3.DOWJONES.COM (LSMTP for Windows NT v1.1b)

SBKPRDLISTSERV2 (172.26.150.171)  here is the piece we care about

Note this can all be faked; that is the NO part.
At which point you need access to the server and router logs.
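
Added example, not part of the thread or any poster's code: a short Python sketch that walks the Received chain from the header quoted in post #2 and marks which hop was recorded by the recipient's own server and which address is private (RFC 1918) and so only resolvable from the sender's internal logs. The sample reuses the two Received lines from the post; the recipient address and SMTP id are example.com placeholders because they are redacted on the page, and the function and field names are assumptions made for this illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: the two Received lines from the post above, with the
# redacted recipient address and SMTP id replaced by example.com placeholders.
SAMPLE = """\
Received: from [205.203.128.130] by Mail.Server.com (GMS
 10.03.3304/KX5895.00.ca84ca0a) with ESMTP id raexcaaa for
 user@example.com; Wed, 16 Mar 2005 14:47:24 -0500
Received: from SBKPRDLISTSERV2 (172.26.150.171) by MAIL3.DOWJONES.COM
 (LSMTP for Windows NT v1.1b) with SMTP id <placeholder@example.com>;
 Wed, 16 Mar 2005 14:45:44 -0500
To: user@example.com
Subject: NEWS ALERT: J.P. Morgan Chase Settles WorldCom Suit

body
"""

HOP = re.compile(r"from\s+(?P<frm>\S+).*?\bby\s+(?P<by>\S+)", re.S)
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def received_hops(raw):
    """Return hops oldest-first; each mail server prepends its own line."""
    hops = []
    for n, value in enumerate(message_from_string(raw).get_all("Received", [])):
        m = HOP.search(value)
        if not m:
            continue
        # Look for the address only in the "from" clause, before "by".
        ip_m = IPV4.search(value[:m.start("by")])
        ip = ip_m.group(0) if ip_m else None
        try:
            private = bool(ip) and ipaddress.ip_address(ip).is_private
        except ValueError:  # digits that are not a valid IPv4 address
            private = False
        hops.append({
            "from": m.group("frm").strip("[]"),
            "by": m.group("by"),
            "ip": ip,
            "private": private,  # internal address: needs the sender's logs
            # Only the topmost line (index 0) was written by the recipient's
            # own server; every line below it was supplied by the sending side.
            "trusted": n == 0,
        })
    return hops[::-1]
```
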