GENERAL INFO
• FAQs
• Website Terminology
• Color Chart
• FREE Stuff

DOCUMENTATION
• Client Email Instructions
• Website Statistics

SECURITY
• Internet Security
• Virus News
• Hoaxes & Scams
• Tracing Emails
• Canning SPAM
• Spammers Using My Email!
• Child Safety on the Internet
• Safe Sites for Kids

NEWS
• Learn More! Read Our Blog
• Industry News

What to do About Email Harassment and Scams

Spam, we all get it, but what if the unwanted emails you received were a step beyond SPAM and were either threatening or an attempt to thieve you of your identity? How would you be able to report this abuse? The answer to that question is slightly easier than you think.

First, you need to identify the sender. To do this you must view what is called the "internet headers" in your email program. If you are unsure how to do this, we have compiled instructions for the most commonly used email programs. The "headers" will look like this:

Return-Path: <myemailaddy@gmail.com> Wed Sep 06 11:58:25 2006
Received: from nf-out-0910.google.com [64.233.182.190] by cfd555.hostserver.net with SMTP;
Wed, 6 Sep 2006 11:58:25 -0400
Received: by nf-out-0910.google.com with SMTP id l24so254022nfc
for <emailaddy@roaringaardvark.com>; Wed, 06 Sep 2006 08:57:53 -0700 (PDT)

After you have viewed the headers, you need to identify the sender's IP (see bold text in above header example). The sender's IP is located near the top, usually mentioned twice or more. Once you have located the IP, cut and paste it into a browser and see what comes up. Is it a valid IP, such as Earthlink or Google? If so, try contacting the company and let them know what has been going on.

If you have difficulties determining the IP, keep in mind that the truly ruthless, spammers especially, will send out the message via a remailer in order to obtain anonymity. If you come across "X-Mailer" in the header, this means that the sender did indeed use a remailer. Normally the "X-Mailer" will be followed by the type of email remailer program that is being used. See example in bold below:

Return-Path: <emailaddy@roaringaardvark.com> Wed Sep 06 11:50:08 2006
Received: from nc-55-5-555-123.dyn.embarqhsd.net [55.5.555.123] by cfd113.cfdynamics.net with SMTP;
Wed, 6 Sep 2006 11:50:08 -0400
Reply-To: <emailaddy@roaringaardvark.com>
From: "Stacy Z." <emailaddy@roaringaardvark.com>
To: <emailaddy@roaringaardvark.com>
Subject:
Date: Wed, 6 Sep 2006 11:48:33 -0400
Organization: Roaring Aardvark Web Design
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_000E_01C6D1AA.63CECAA0"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
thread-index: AcbRy+hOYUZ4x5OdRTmn1oZnQOaL+Q==
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
X-MS-TNEF-Correlator: 000000002E54B8965B07514FA5511773EA690CB404732200
X-NAS-BWL: No match found for 'emailaddy@roaringaardvark.com' (91 addresses, 0 domains)
X-NAS-Language: Lithuanian
X-NAS-Bayes: #0: 4.7624E-050; #1: 1
X-NAS-Classification: 0
X-NAS-MessageID: 1200
X-NAS-Validation: {31391EF3-B3AC-4F12-94D8-DC2DA45E9526}

Now, not every message containing an X-Mailer is spam, so it is not wise to filter out messages container an X-Mailer. However, most spam messages will have an X-Mailer. The email cannot be traced by the X-Mailer, however you may be able to trace the culprit via the SMTP, but keep in mind that most spammers will trick the system by either hacking or by creating a phony SMTP.