Outlook 2002/XP/2003 - Locating the source of an e-mail
Aim of this article:
This article provides a guide to viewing e-mail message headers in Outlook 2002/XP/2003, and locating the source of an e-mail.
Note that screenshots are from Outlook 2002/XP, but the method is identical in Outlook 2003.
Why would I need to do this?
If you have received unsolicited e-mail, you may wish to report it to the ISP that hosts the sending machine, so that they can take action to prevent further abuse.
You may also need to provide the message headers to Technical Support to help diagnose problems experienced with e-mail.
Locating the message headers:
Begin by opening Outlook and then your Inbox.

Select the message from those listed in your Inbox by right-clicking on it.
A menu will appear, as shown above. Click Options.

You will see something similar to the image above. The message headers are located in the box labelled Internet headers. You can copy and paste these elsewhere if required.
NOTE: E-mail addresses have been masked in the above image. The black blocks would not appear in your message headers.

The parts of the header which identify the source are shown above.
This shows the logical chain of servers and hosts involved in the transfer of the e-mail.
The first host is always listed on the same line as the last Received: header.
A simplified version of this chain would be as follows:
office-162.zen.co.uk -> heisenberg.zen.co.uk -> feynman.zen.co.uk
It is important to note that the name of the host could be forged. It is more reliable to trust the IP address. Therefore, from the line:
Received: from office-162.zen.co.uk ([212.23.9.162] helo=SIM)
We would be interested in the IP: 212.23.9.162, as it is the verified source of the message.
If the IP listed on the last Received: line is a private IP, then the next Received: line above that should be examined to determine the IP which has passed the e-mail to the Internet.
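The steps above can be automated once the Internet headers have been copied out of Outlook. The following Python sketch is an added example, not part of the original article: it walks the Received: lines from the last one upwards and returns the first bracketed IP that is not private. The sample headers are constructed; only the "from office-162.zen.co.uk" clause comes from the article, and gateway.example, desktop, 10.0.0.5 and 192.168.0.10 are made-up values.

```python
import email
import ipaddress
import re

# IPv4 address in square brackets, as in "([212.23.9.162] helo=SIM)"
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

# Constructed headers: the last Received: line holds a public IP.
SAMPLE_DIRECT = (
    "Received: from heisenberg.zen.co.uk ([10.0.0.5])\n"
    "\tby feynman.zen.co.uk with esmtp (constructed)\n"
    "Received: from office-162.zen.co.uk ([212.23.9.162] helo=SIM)\n"
    "\tby heisenberg.zen.co.uk with smtp (constructed)\n"
)
# Constructed headers: the last Received: line holds a private IP.
SAMPLE_PRIVATE = (
    "Received: from gateway.example ([212.23.9.162])\n"
    "\tby feynman.zen.co.uk with esmtp (constructed)\n"
    "Received: from desktop ([192.168.0.10] helo=SIM)\n"
    "\tby gateway.example with smtp (constructed)\n"
)


def source_ip(raw_headers):
    """Return the first non-private IP found walking Received: lines bottom-up."""
    msg = email.message_from_string(raw_headers)
    received = msg.get_all("Received") or []
    # Each server prepends its own line, so the last one is the earliest hop.
    for value in reversed(received):
        # Look only at the "from ..." clause, not the receiving "by ..." host.
        from_clause = re.split(r"\sby\s", value, maxsplit=1)[0]
        match = BRACKETED_IP.search(from_clause)
        if not match:
            continue
        try:
            ip = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # bracketed text that is not a valid address
        if not ip.is_private:
            return str(ip)
    return None


if __name__ == "__main__":
    print(source_ip(SAMPLE_DIRECT))
    print(source_ip(SAMPLE_PRIVATE))
```

Received: lines below the first one written by a server you trust are supplied by the sender and can be forged, so treat the result as a lead for an abuse report rather than proof of origin.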
Further reading:
See the link in Related Articles for details on identifying who is responsible for hosts on particular IP addresses.