Spam pisses me off. Especially when people are being spammed with your name behind an email address ... especially.

Tracking someone down via an email is actually fairly simple. Let's assume you receive a very lewd email that you don't appreciate and you just want to know who sent it.

Every single time you or anyone connects to the internet, they are given an address, an IP address. It's a 4 part address, each part having up to 3 digits. Each part has its own significance as the link describes. A server is basically a computer that connects to the internet to provide services, hence it too has an IP address. A person connecting to that server also has an IP address; you [yes, you reading this] also have one. Get to know your IP address.

The service that translates or looks up a host name from an IP address or vice versa is called a Domain Name Service or DNS.

1] You need to have an email. An email represents a connection between the receiver [you] and the sender [pervert] over time. When an email is sent, it doesn't reach its destination promptly. The email may or may not be routed to the receiver's inbox via more than one server. When the receiver accesses his/her inbox, the email is downloaded onto their machine. Each email has a data structure called a "header".

This contains all the information, such as the sender's IP address and the IP addresses of all the servers it made pitstops at (i.e. the route it took).

2] To view your email's headers in Yahoo! or Hotmail, all you have to do is change some settings in your account preferences. This URL documents how to do the same for various common providers: To view email headers.

3] Let's take this by example. Now suppose I send myself an email. This is what the header looks like.



The highlighted part is what we're interested in.

You [i.e. your inbox] received an email from 209.132.177.30 (hormel.redhat.com) via SMTP (Simple Mail Transfer Protocol) on 19th August, 2005 at 09:41:50 (GMT - 7:00).

209.132.177.30 (hormel.redhat.com) received the message from listman.util.phx.redhat.com via listman.util.phx.redhat.com whose IP address is 10.8.4.110 on 19th August 2005, at 12:41:38 (GMT -04:00).

Hence your original sender is listman.util.phx.redhat.com (10.8.4.110).

Now you have the IP address you need. We need to reference a location from this address.

4] Use the tools here at DNSStuff to perform geographical lookups. The only, if not the most significant, limitation to this lookup is that the depth is only up to the city. It won't and can't address locations within a city. What you will have to do is contact your local law enforcement and file a complaint. With that foundation you could approach your local ISPs and narrow it down to a person.

Some IP addresses are owned privately and remain static. All IP addresses with the first number as 10 (10.0.0.0) are private IPs. The lookup at DNSStuff provides:

IP: 10.0.0.0
Country: [Private IP]
City: Unknown

Private IP? Yes
Known Proxy? No

In such cases you do a "WHOIS" lookup and hopefully get some information. For the same address (10.0.0.0) a WHOIS provided me with:

Location: [Private IP]

NOTE: More information appears to be available at IANA-IP-ARIN.

Using 0 day old cached answer (or, you can get fresh results).
Hiding E-mail address (you can get results with the E-mail address).


OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US

NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
Parent:
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated: 2002-09-12

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: *****@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: *****@iana.org

# ARIN WHOIS database, last updated 2005-12-27 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
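
The header walk from step 3 and the private-address check from step 4, as an added example that is not part of the original post. The sample message is constructed from the two hops described above; mx.example.net, the From/To addresses and the function names are assumptions.

```python
import email
import ipaddress
import re
from datetime import timezone
from email.utils import parsedate_to_datetime

# Constructed sample modelled on the two hops described in the post.
# mx.example.net and the From/To addresses are placeholders.
RAW = """\
Received: from hormel.redhat.com (hormel.redhat.com [209.132.177.30])
    by mx.example.net with SMTP; Fri, 19 Aug 2005 09:41:50 -0700
Received: from listman.util.phx.redhat.com (listman.util.phx.redhat.com [10.8.4.110])
    by hormel.redhat.com with ESMTP; Fri, 19 Aug 2005 12:41:38 -0400
From: sender@example.com
To: you@example.net
Subject: test

body
"""

# "from <helo-name> (<reverse-dns> [<ip>])" is a common layout; servers differ.
HOP = re.compile(r"from\s+(\S+)\s+\((?:\S+\s+)?\[([^\]]+)\]\)")

def trace(raw):
    """Return the hops oldest-first as dicts: host, ip, private, utc."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            continue  # hop without a peer address in this layout
        try:
            ip = ipaddress.ip_address(m.group(2))
            when = parsedate_to_datetime(value.rpartition(";")[2].strip())
        except (ValueError, TypeError):
            continue  # malformed address or date
        hops.append({"host": m.group(1), "ip": str(ip),
                     "private": ip.is_private,
                     "utc": when.astimezone(timezone.utc)})
    # Each server prepends its line, so the header order is newest-first.
    # Only the line written by your own mail server is trustworthy;
    # everything below it was supplied by upstream hosts and can be forged.
    hops.reverse()
    return hops

def first_public(hops):
    """Earliest hop with a non-private address, i.e. one WHOIS can resolve."""
    return next((h for h in hops if not h["private"]), None)

if __name__ == "__main__":
    for h in trace(RAW):
        print(h["utc"].isoformat(), h["ip"], h["private"], h["host"])
```

Converted to UTC, the two timestamps are 12 seconds apart, which is the kind of consistency check that helps spot a forged line.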

So that's basically how it all works. If you're in Pune or are interested in how Cyber Crime works in Pune, there is an established Cyber Cell at Pashan. ASCL, Pune.

"Fuck this shit, I'm sick of it
You're goin down, this is a war! "