Ok so i have received this email on my gmail…and its from an unknown id. Is there any way to find out more about who the id belongs to? The name attached to it or even the place it is coming from?
this is imp!
Re: Urgent help
Click on the Show original option and it should show you the header information for the email
On the 2nd line you should see an ip address:
Received: by 10.220.181.202 with SMTP id bz10csp52743vcb;
Fri, 29 Aug 2014 11:35:32 -0700 (PDT)
Lookup the IP (the part with numbers and decimals above- 10.220.181.202) using an IP address lookup tool (use google to search for one). Should give you some information on where it originated from.
Hope this helps
Re: Urgent help
Thanks!
Already did it and yes figured where it is from. I'm all the more confused now.
I feel you can actually tell more from that header info such as what time zone the email was sent from so that should help verify the results also maybe. And there must be more!
Re: Urgent help
Here is the breakdown of the header information from the email:
Standard Message Header Fields
Sample Message Header:
Return-path: <[email protected]>
Delivery-date: Wed, 13 Apr 2011 00:31:13 +0200
(3)Received: from mailexchanger.recipientdomain.tld([ccc.ccc.ccc.ccc])
by mailserver.recipientdomain.tld running ExIM with esmtp
id xxxxxx-xxxxxx-xxx; Wed, 13 Apr 2011 01:39:23 +0200
(2)Received: from mailserver.senderdomain.tld ([bbb.bbb.bbb.bbb] helo=mailserver.senderdomain.tld)
by mailexchanger.recipientdomain.tld with esmtp id xxxxxx-xxxxxx-xx
for [email protected]; Wed, 13 Apr 2011 01:39:23 +0200
(1)Received: from senderhostname [aaa.aaa.aaa.aaa] (helo=[senderhostname])
by mailserver.senderdomain.tld with esmtpa (Exim x.xx)
(envelope-from <[email protected]) id xxxxx-xxxxxx-xxxx
for [email protected]; Tue, 12 Apr 2011 20:36:08 -0100
Message-ID: <[email protected]>
Date: Tue, 12 Apr 2011 20:36:01 -0100
X-Mailer: Mail Client
From: Sender Name <[email protected]>
To: Recipient Name <[email protected]>
Subject: Message Subject
Return Path: The email address which should be used for bounces. The mailserver will send a message to the specified email address if the message cannot be delivered
Delivery-date: The data the message was delivered
Date: The date the message was sent
Message-ID: The ID of the message
X-Mailer: The mail client (mail program) used to send the message
From: The message sender in the format: "Friendly Name" <[email protected]>
To: The message recipient in the format: "Friendly Name" <[email protected]>
Subject: The message subject
The From: line, which contains the sender of the message could be faked easily, so you should not rely on this information.
The lines in green contain the routing information, from the senders computer to the recipients mailserver.
Lets take a closer look at these lines:
(3) Received: from senderhostname [aaa.aaa.aaa.aaa] (helo= senderhostname])
by mailserver.senderdomain.tld with esmtpa (Exim x.xx)
(envelope-from <[email protected]) id xxxxx-xxxxxx-xxxx
for [email protected]; Tue, 12 Apr 2011 20:36:08 -0100
(3) The message was sent from the senders computer with the IP address aaa.aaa.aaa.aaa to the mailserver of the sender. In many cases the sender IP aaa.aaa.aaa.aaa is a dynamic IP address, e.g. DSL. The IP address gives many informations about the sender, the location of the sender and the provider.
(2) Received: from mailserver.senderdomain.tld ([bbb.bbb.bbb.bbb] helo=mailserver.senderdomain.tld)
by mailexchanger.recipientdomain.tld with esmtp
id xxxxxx-xxxxxx-xx
(2) The message was transfered from the senders mailserver with the IP address bbb.bbb.bbb.bbb to the recipients mailexchanger. The mailexchanger is the mailserver, which accepts incoming messages for a domain.
(1) Received: from mailexchanger.recipientdomain.tld([ccc.ccc.ccc.ccc])
by mailserver.recipientdomain.tld running ExIM with esmtp
id xxxxxx-xxxxxx-xxx; Wed, 13 Apr 2011 01:39:23 +0200
(1) The message was finally received by the recipients mailserver from the the recipients mailexchanger ccc.ccc.ccc.ccc.
This is only a sample, which should show the principles. The message routing can contain much more steps, depending on the used mailprovider. It should always be possible to see the sender computer IP address aaa.aaa.aaa.aaa and the sender mailserver bbb.bbb.bbb.bbb if the message was sent from a mail client and a client computer. If the message was sent from a webmail client, then the real IP address of the sender is not included - in this case aaa.aaa.aaa.aaa (if any) will be the IP address of the webmail.
Some might try to fake the routing information, but your mailserver should give you a warning that something is not correct during the transfer from the sender mailserver bbb.bbb.bbb.bbb to the recipient mailexchanger ccc.ccc.ccc.ccc.
https://www.arclab.com/en/amlc/how-to-read-and-analyze-the-email-header-fields-spf-dkim.html
Re: Urgent help
Or just reply to that email and ask who it's from ... Simple :)
Re: Urgent help
Or just reply to that email and ask who it's from ... Simple :)
Uh huh! aren't we so funny :D.
Re: Urgent help
If it is a threatening email of a potential fraud then contact law enforcement, they will find out otherwise ignore it and move on to your next project.
Re: Urgent help
Or just reply to that email and ask who it's from ... Simple :)
Like....Wify, is that you?
Re: Urgent help
Or more like … can you please tell me your boy friend password 
Re: Urgent help
What’s so funny?
Re: Urgent help
forward me the email. I’ll take care of it…
Re: Urgent help
Believe me, main aisa zulm kisi k saath nahi karna chahon gi! It was dosgusting puke.