EMAIL BASICS

EMAIL INBOX ISSUES

TRACING EMAILS

TRACE REPORTS

GENERAL


 
Q: What are email ‘Internet Headers’?

A: Internet headers show the path of an email from its origin to destination. When an email travels across the Internet it passes through servers that route the email to its final destination. Each routing server that handles the email adds a record into the email header to identify itself, indicating where it was received from and where it was then sent to, providing an useful audit trail should something go wrong during the email's journey across the Internet. Please see the email trace tutorial for a complete discussion of Internet headers.

 
Q: How do I find the header of an email message?

A: That depends on the email application program you are using. For instance, in most versions of Microsoft Outlook Express, right mouse click on an email in your inbox, select 'Properties', then the 'Details' tab to view the headers. If you are using the full version of Microsoft Outlook, you can trace an email message directly from Outlook by clicking the eMailTrackerPro shortcut in the Outlook toolbar. Finding the header in other email applications.

To trace the email message using the message header, highlight the entire header, copy it, then open eMailTrackerPro from the ‘Start, Programs’ menu or the Windows system tray icon, and paste the header in the header box.

 
Q: What is ‘misdirection’?

A: Spammers and fraudsters commonly modify or add bogus information to the email header in an attempt to hide their identify, a technique known as ‘misdirection’. To combat this, eMailTrackerPro performs a number of validation tests to weed out the misdirected information from the real information and find the real location of the spammer. When misdirection is detected a notification is provided in the analysis report.

An important aspect of misdirection is that it normally denotes illegal activity, the process of modifying a message to hide the true source most often used by spammers, scammers and fraudsters.

 
Q: What is ‘phishing’?

A: Phishing is a technique used to steal personal information such as credit card account details that is then used for fraudulent purchases or even identity theft. Phishers send email messages that appear to be from a bank or other well-known business, indicating your account needs updating or a similar trick to request confidential information. It is good practice to never click a link in email message to that requests confidential information -- it is safer to go directly to the site in your web browser. With eMailTrackerPro, you can quickly analyze a suspicious message to help verify an email message is from a location and entity you expect.

 
Q: Why do the emails I set for deletion not delete?

A: When the emails you want to be deleted have been set to 'Yes' in the delete column you need to then process the emails. First of all set the emails you want deleted to yes as shown below: (note this will not delete the email until the emails are processed).

Once all the emails you want to be deleted are set to 'Yes' then click on the 'Check mail' drop down button just above the delete column as shown below:

Choosing any option with 'Delete' in will process the mail and delete any email set to 'Yes' in the delete column.

If you are doing this an emails are still not being deleted then contact support.

 
Q: What is the difference between tracing an email address and tracing an email message?

A: Tracing an email address (i.e. name@company.com) reports the mail server for the address, and is useful for identifying the company and network providing service for the address, it does not provide specific information about the sender. As email addresses can be easily forged, the information provided may not be reliable for purposes of investigating and reporting email abuse.

Tracing an email message provides much more information regarding the sender. Each email message includes an Internet header with valuable information, eMailTrackerPro analyzes the message header and reports the IP address of the computer where the message originated, its estimated location, the individual or organization the IP address is registered to, the network provider, and additional information as available.

Q: Why is there no eMailTrackerPro icon in my Outlook Express toolbar?

A: eMailTrackerPro provides a plug-in toolbar icon for the full version of Microsoft® Outlook and not Outlook Express, which does not support toolbar icon plugins. To use eMailTrackerPro with Outlook Express, please refer to the online manual.

 
Q: Does eMailTrackerPro work with email programs other than Microsoft Outlook?

A: eMailTrackerPro adds a toolbar plugin to Microsoft Outlook for one-click email analysis, but emails received with most other programs can also be easily analyzed by importing the Internet headers. For details, please see the online manual.

 
Q: I have installed eMailTrackerPro but I can't see the toolbar in Outlook, what do I have to do?

A: First of all make sure you have MS Outlook 2002+. Earlier versions do not support the eMailTrackerPro toolbar.

If you have MS Outlook 2002+ and cannot view the toolbar try restarting your machine. Once the reboot has taken place start Outlook and the eMailTrackerPro toolbar should be present.

If this still does not work then try the following:

  • In Outlook go to the Tools menu and choose Options.
  • Go to the Other tab and click the Advanced Options... button.
  • At the bottom of this dialog box click the COM Add-Ins button.
  • There should be an eMailTrackerPro entry reading eMailTrackerPro Object.
  • If this is present and you don't see the toolbar then highlight the eMailTrackerPro Object and click the Remove button to remove the object.
  • Restart Outlook, go back to the COM Add-Ins window and click the Add button.
  • Now browse to your eMailTrackerPro install directory (default c:\Program Files\eMailTrackerPro)
  • Locate the emt-outlook.dll, highlight it, and clic the Ok button.
  • Restart Outlook and the button should be in place in the toolbar.

 
Q:  Does eMailTrackerPro work with email messages that have been forwarded?

A: For an email that has been forwarded, the source of the email will be shown as the person who forwarded the email. However, if the email was forwarded as attachment, eMailTrackerPro can be run on the attachment instead of the forwarded mail, which will report the original sender. To do this with in Microsoft Outlook, open the email attachment, then go to ‘View, Options’ and copy the entire email header, then go to ‘File, Import Headers’ in eMailTrackerPro.

The email header can also be pasted as text into a new email message and forwarded in the message body for analysis.

 
Q: Can an email message be traced regardless of when it was sent?

A: As IP addresses can change periodically, tracing an email message will provide the most accurate results when the message is first received. The older an email message is, the higher the possibility that the IP address in the message header may not pertain to computer the message was sent from.

Q:  Does eMailTrackerPro work with AOL email messages?

A: Due to AOL's network routing, AOL messages show as originating in the AOL Manassas or Sterling, Virginia data center. eMailTrackerPro does work with most all other email services, including Yahoo, Hotmail, MSN, etc.


Q: Why do the Internet applications running at the destination matter?

A: The type of applications running on a target system is useful information for investigating IP addresses or Internet hosts, as it can provide insight into the ownership and geographical location. The most common applications on the Internet are web servers (websites), mail servers (email) and file transfer servers (file downloads). As an example, web server applications (such as www.visualware.com) are particularly useful because web pages along the lines of ‘contact us’ often exist to provide details such as names, phone numbers and other contact related information.


Q: What is the significance of a private computer in the in-depth analysis of the identification report ?

A: Emails composed on an individual's private computer (as opposed to a company computer) often 'leak' the computer name which can provide clues to the sender's identity. As an individual normally selects the name for their own computer, it is often owner/user's real name or alias name as 'johny456'. During the email trace analysis, eMailTrackerPro performs a lookup of the computer name in public name servers. If no match is found, it indicates that either a public name has changed since you received the email (which is not likely unless the email is very old), or most probably it is the actual private name given to the computer by the owner/user that composed the email. In these cases the computer name may be a clue to the sender's identity.

Q: What does ‘unknown’ in the route table of the identification report mean?

A: Occasionally a router on the Internet does not respond correctly to an inbound packet. This is usually due to high traffic at the hop, but occasionally it is because the router does not conform to standards correctly. When this happens the router in question does not correctly identify itself and is indicated by 'unknown' in the route table of the identification report.

Q: What does ‘private’ in the route table of the identification report mean?

A: Private networks incorporate IP addresses that are reserved for internal use of a company or organization. The route table of the identification report will not show the geographical location for any hops on a private use network as they use pseudo IP addresses.

 
Q:  Why are database updates important?

A: With Internet changes, encompassing new networks, extensions to old networks, new routers, new IP devices and new user's, happening every minute any IP-to-location database rapidly loses value as the results become more inaccurate with passing time. It is therefore important that any IP geo-location database is updated and maintained on a regular basis. Many of the network changes will affect IP ownership details including the important contact information for IP addresses and Domains. Maintaining up-to-date IP network information ensures that tracked locations are more precise and helps to further qualify the ownership and accuracy of the final location being tracked.

 
Q:  How do I report spam or other email abuse?

A: Spam and email abuse reports should be directed to the sender's network provider (ISP). The network owner and the abuse reporting contact information is provided in the identification report. To use the automated reporting option, right-click on the Visualware logo in the Windows system tray (normally at the right side of the Windows task bar), and select the 'Abuse Reporting' menu option. Details.


Q: Why is there no location information in the map or route table?

A: If no location information is shown it is most likely due to a firewall blocking access to port 43, which is used for Whois and IP location lookups. Check your firewall or with your network administrator, to open port 43 for incoming/outgoing ICMP and outgoing TCP.

 
Q:  What if I need support?

A: Simply submit a Support Request and we will be pleased to help you implement eMailTrackerPro or answer any questions you may have.
Microsoft® and Outlook® are registered trademarks of Microsoft Corporation.
  Copyright © 1997-2007 Visualware Inc. · All Rights Reserved