Monday, June 23, 2008

Taking a Header

I'm trying to remember to run email headers through http://headertool.apelord.com/ when I think of it.

Please keep in mind that I am no techno-geek and I'm learning all this as I go along so, just to share, this is their description:

This utility will analyse a block of text (usually e-mail headers) and provide information about any IP addresses it may contain. The report identifies the probable country for each IP, and gives you easy access to an ARIN Whois record and any Google Groups hits for the IP.

Tips:

  • Paste the entire header block from your e-mail. The utility will extract the IP addresses for you

  • Enter individual IP addresses or multiple ones (separated by spaces, commas, or carriage returns) to get a quick report

  • Some webmail clients don't record the sender's originating IP, so sometimes the report won't show you the true country of origin

  • Local network IPs (e.g., 127.0.0.1 or 192.168.1.11) are ignored as they are not meaningful for the report.

I'm still in the process of learning how to extract headers from the multitude of email sources so, at this exact moment in time, I'll offer up the information from http://www.data-wales.co.uk/nigerian_laundering.htm (and hope like heck that it's all up-to-date).


MAIL HEADERS. You will not normally see full headers when you read your mail but these can be important in investigating Internet fraud.

Microsoft Outlook Express for Windows: Right click on the message and select Properties. Choose the Details tab and select the Message Source Button. Copy the headers and send them along with the body of the email.

Microsoft Outlook: Click the View menu and select Options. You should see a pop up window "Message options" or similar. Notice the box called Internet headers near the bottom of the window. This box contains the full headers. To extract the contents, put your mouse pointer in the box and right-click then choose Select All. All the text in the box will then be highlighted.Right-click in the box again and this time choose Copy to copy the selected contents to the clipboard. You can then paste the full headers to an email you may be forwarding.

Windows Live mail: 1. Select the message that you want to view the header information. 2. Click the right button of your mouse and select "Properties". 3. Click on the "Details" tab. 4. Click "Message Source..." . 5. A new windows will open with the header information of the e-mail.

Gmail: (Thanks T.W.) "It took me a little while to work it out, one needs to click the "down arrow" next to the "Reply" indicator at the top-right of the message pane and select "Show Original", a new window page opens with all the header details. You then need to cut/copy all the text and paste it into your forwarding email."

Netscape Messenger 4.7 - 6: Open the email; go to the view menu; pull the 'Headers' menu over and click on 'all'. Highlight the message and headers displayed in the email and copy them into the email you send to us.

Netscape Messenger 6.2 and higher: Go to Netscape Messenger Inbox. Select View - Headers - All. Highlight the message and headers displayed in the email and copy them into the email you send to us.


Pegasus: Users of the excellent Pegasus for Windows will probably not need me to remind them of the Raw View tab and the option to include headers in the Reply and Forward dialogues.
Incredimail: In your mail program double click the email you would like to view, when it is open click on the FILE menu and choose PROPERTIES. When in the properties menu click on the DETAILS tab to view the Full Headers .

WEB MAIL HEADERS

Yahoo web mail: First you must turn on "Full Headers". From your Yahoo! mail account, click on "Mail Preference". Scroll down the page to "Message Headers" and click on the "all" radio button. Save your preferences at the bottom of the page.

Hotmail: First, configure your options: On the upper right "Options Help" links, click on "Options." Click on the "Mail Display Settings" link, find the item "Message Headers." Choose "Advanced" and click the "OK" button.

(If this is as clear as mud to you, my apologies ~ in lieu of me confusing you with further information, pop 'header analysis' into your favourite search engine and go for broke! I'll be along at some time meself.)

No comments:

So How Come?

My photo
I have two blogs at the moment - Here Be Dragons which is devoted to rental scams primarily sourced through Craigslist although the proliferation of free ad sites has widened the hunting grounds. Many additions come from other sources (ie: blogs/anti-scam sites/online community ad sites) or are provided by people who want to share their experiences. There Ain't No Such Thing As A Free Lunch is for copies of scammail that I find in my mailboxes ~ sometimes I can't resist the odd acerbic comment but for the most part I post 'em because the more that people do, the fewer fools they get to gull. Dunno what to say about me that would be very interesting ~ I'm a granny who reads, gardens and crafts as the mood strikes me. :) I don't particularly care for the social predators on this planet and this blog is part of my way of saying so.