If there was an actual email involved, what would that show in the header? Does a Mac address come up?
No MAC address but you should be able to see the IP Addresses of the servers that relayed the message. Additionally, the IP Address or host name of the machine that initially made the submission to a server will be posted in the message. The IP address of the computer that initially submitted the email can be tracked back to a computer that owned the IP lease, maybe – Provided the author did not use a public hotspot with fake credentials. As discussed before obtaining any records from ISP's or public hotspots would require legal involvement.
Thanks, it looks like there is abotu 4 different ip's listed in the header, none really seem to be in an area anywhere near what we think the origin is?
Hi to ALL
I have done a number of investigations involving myspace / bebo / hello / piczo. etc
having briefly read this, i agree with some people and not others.
I would like to make a point to the original poster and his sister, and mother.
Please look at this as a lesson, do not under any circumstances take for granted "people are who they say they are".
Aulthough I work as a senior computer forensic analyst over here in the U.K. 99% of my work is for law enforcement agencies, and issues regarding these kind of websites are on the increase.
Regards
Simon
Mitch, could you elaborate on what you agree on and what you dont? thanks!