Originally published at: http://www.howtogeek.com/169539/how-can-i-find-out-where-an-email-really-came-from/
Just because an email shows up in your inbox labeled Bill.Smith@somehost.com, doesn’t mean that Bill actually had anything to do with it. Read on as we explore how to dig in and see where a suspicious email actually came from.
This reminds me of a situation at work where we discovered an IP making a huge number of requests to our server, I did some investigation and emailed their service provider to ban them for spam. The service provider promptly emailed back with a screenshot of the headers of the email I had just sent...it was the same IP.
Any idea where I can read the whole e-mail? I like reading stuff I know is a scam.
I would add host -t TXT domain.com. The sending email server may not be on the MX list but may be part of the SPF records.
This topic is now closed. New replies are no longer allowed.