eMailTrackerPro®
Frequently Asked Questions
Email Basics
- What are email ‘Internet headers’?
- How do I find the header of an email message?
- What is ‘misdirection’?
- What is ‘phishing’?
Tracing Emails
- What is the difference between tracing an email address and tracing an email message?
- Why is there no eMailTrackerPro icon in my Outlook Express toolbar?
- Does eMailTrackerPro work with email programs other than Microsoft® Outlook?
- Does eMailTrackerPro work with email messages that have been forwarded?
- Can an email message be traced regardless of when it was sent?
- Does eMailTrackerPro work with AOL email messages?
Trace Reports
- Why do the Internet applications running at the destination matter?
- What is the significance of a private computer in the in-depth analysis of the identification report?
- What does ‘unknown’ in the route table of the identification report mean?
- What does ‘private’ in the route table of the identification report mean?
General
- How do I report spam or other email abuse?
- Why is there no location information in the map or route table?
Q: What are email ‘Internet Headers’?
A: Internet headers show the path of an email from its origin to its destination. When an email travels across the Internet, it passes through servers that route it to its final destination. Each routing server that handles the email adds a record to the email header to identify itself, indicating where the email was received from and where it was then sent to. This provides a useful audit trail should something go wrong during the email's journey across the Internet.
Q: How do I find the header of an email message?
A: That depends on the email application program you are using. For instance, in most versions of Microsoft Outlook Express®, right-click on an email in your inbox, select 'Properties', then the 'Details' tab to view the headers. If you are using the full version of Microsoft Outlook®, you can trace an email message directly from Outlook by clicking the eMailTrackerPro shortcut in the Outlook toolbar.
To trace the email message using the message header, highlight the entire header, copy it, then open eMailTrackerPro from the ‘Start, Programs’ menu or the Windows® system tray icon, and paste the header in the header box.
Q: What is ‘misdirection’?
A: Spammers and fraudsters commonly modify or add bogus information to the email header in an attempt to hide their identity, a technique known as ‘misdirection’. To combat this, eMailTrackerPro performs a number of validation tests to separate the misdirected information from the real information and find the real location of the spammer. When misdirection is detected, a notification is provided in the analysis report.
An important aspect of misdirection is that it normally denotes illegal activity: modifying a message to hide its true source is a practice most often used by spammers, scammers and fraudsters.
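The routing records described under ‘Internet headers’ can be read programmatically, and one simple consistency check shows how an inserted record stands out. This is an added example, not eMailTrackerPro's own code or its validation tests; the sample headers, host names and the `parse_hops` and `trusted_hops` helpers are constructed for illustration.

```python
import email
import ipaddress
import re

# Constructed sample (not a real message). Servers prepend, so newest hop is first.
RAW = """\
Received: from mx.example.net (mx.example.net [203.0.113.25])
\tby inbox.example.org with ESMTP; Tue, 01 Mar 2005 10:00:05 +0000
Received: from relay.example.com (relay.example.com [198.51.100.7])
\tby mx.example.net with ESMTP; Tue, 01 Mar 2005 10:00:03 +0000
Received: from johny456 (unknown [192.168.1.20])
\tby relay.example.com with SMTP; Tue, 01 Mar 2005 10:00:01 +0000
Received: from bank.example (bank.example [192.0.2.99])
\tby mail.bank.example with SMTP; Tue, 01 Mar 2005 09:00:00 +0000
From: service@bank.example
"""

HOP = re.compile(r"from\s+(\S+)\s+\(.*?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)", re.S)
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_hops(raw):
    """Return hops oldest-first as dicts: from, ip, by, private."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            continue  # formats vary widely; unparsed records need manual review
        try:
            ip = ipaddress.ip_address(m.group(2))
        except ValueError:
            continue  # bracketed text was not a valid IP address
        hops.append({"from": m.group(1).lower(), "ip": str(ip), "by": m.group(3).lower(),
                     "private": any(ip in n for n in RFC1918)})
    return hops[::-1]

def trusted_hops(hops):
    """Walk back from the newest hop while each 'from' host equals the 'by' host of
    the next-older hop. Heuristic: servers may log a name other than the one announced."""
    if not hops:
        return []
    kept = [hops[-1]]
    for older in reversed(hops[:-1]):
        if older["by"] != kept[0]["from"]:
            break  # chain is discontinuous: older records are unverified
        kept.insert(0, older)
    return kept

if __name__ == "__main__":
    for hop in trusted_hops(parse_hops(RAW)):
        print(hop)
```

In the sample, the oldest record claims a `bank.example` origin but does not connect to the chain the receiving servers wrote, so it is dropped; the oldest connected hop carries a private (RFC 1918) address and the computer name `johny456`.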
Q: What is ‘phishing’?
A: Phishing is a technique used to steal personal information, such as credit card account details, that is then used for fraudulent purchases or even identity theft. Phishers send email messages that appear to be from a bank or other well-known business, indicating that your account needs updating or using a similar trick to request confidential information. It is good practice never to click a link in an email message that requests confidential information; it is safer to go directly to the site in your web browser. With eMailTrackerPro, you can quickly analyze a suspicious message to help verify that an email message is from a location and entity you expect.
Q: What is the difference between tracing an email address and tracing an email message?
A: Tracing an email address (e.g. name@company.com) reports the mail server for the address and is useful for identifying the company and network providing service for the address, but it does not provide specific information about the sender. As email addresses can be easily forged, the information provided may not be reliable for purposes of investigating and reporting email abuse.
Tracing an email message provides much more information regarding the sender. Each email message includes an Internet header with valuable information. eMailTrackerPro analyzes the message header and reports the IP address of the computer where the message originated, its estimated location, the individual or organization the IP address is registered to, the network provider, and additional information as available.
Q: Why is there no eMailTrackerPro icon in my Outlook Express toolbar?
A: eMailTrackerPro provides a plug-in toolbar icon for the full version of Microsoft® Outlook and not Outlook Express, which does not support toolbar icon plugins.
Q: Does eMailTrackerPro work with email programs other than Microsoft Outlook?
A: eMailTrackerPro adds a toolbar plugin to Microsoft Outlook for one-click email analysis, but emails received with most other programs can also be easily analyzed by importing the Internet headers.
Q: Does eMailTrackerPro work with email messages that have been forwarded?
A: For an email that has been forwarded, the source of the email will be shown as the person who forwarded the email. However, if the email was forwarded as an attachment, eMailTrackerPro can be run on the attachment instead of the forwarded mail, which will report the original sender. To do this in Microsoft Outlook, open the email attachment, then go to ‘View, Options’ and copy the entire email header, then go to ‘File, Import Headers’ in eMailTrackerPro.
The email header can also be pasted as text into a new email message and forwarded in the message body for analysis.
Q: Can an email message be traced regardless of when it was sent?
A: As IP addresses can change periodically, tracing an email message will provide the most accurate results when the message is first received. The older an email message is, the higher the possibility that the IP address in the message header may not pertain to the computer from which the message was sent.
Q: Does eMailTrackerPro work with AOL email messages?
A: Due to AOL's network routing, AOL messages show as originating in the AOL Manassas or Sterling, Virginia data center. eMailTrackerPro does work with most other email services, including Yahoo, Hotmail, MSN, etc.
Q: Why do the Internet applications running at the destination matter?
A: The type of applications running on a target system is useful information for investigating IP addresses or Internet hosts, as it can provide insight into the ownership and geographical location. The most common applications on the Internet are web servers (websites), mail servers (email) and file transfer servers (file downloads). As an example, web server applications (such as www.visualware.com) are particularly useful because web pages along the lines of ‘contact us’ often exist to provide details such as names, phone numbers and other contact related information.
Q: What is the significance of a private computer in the in-depth analysis of the identification report?
A: Emails composed on an individual's private computer (as opposed to a company computer) often 'leak' the computer name, which can provide clues to the sender's identity. As an individual normally selects the name for their own computer, it is often the owner/user's real name or an alias such as 'johny456'. During the email trace analysis, eMailTrackerPro performs a lookup of the computer name in public name servers. If no match is found, it indicates either that a public name has changed since you received the email (which is not likely unless the email is very old) or, most probably, that it is the actual private name given to the computer by the owner/user who composed the email. In these cases the computer name may be a clue to the sender's identity.
Q: What does ‘unknown’ in the route table of the identification report mean?
A: Occasionally a router on the Internet does not respond correctly to an inbound packet. This is usually due to high traffic at the hop, but occasionally it is because the router does not conform to standards correctly. When this happens the router in question does not correctly identify itself and is indicated by 'unknown' in the route table of the identification report.
Q: What does ‘private’ in the route table of the identification report mean?
A: Private networks incorporate IP addresses that are reserved for internal use of a company or organization. The route table of the identification report will not show the geographical location for any hops on a private use network as they use pseudo IP addresses.
Q: How do I report spam or other email abuse?
A: Spam and email abuse reports should be directed to the sender's network provider (ISP). The network owner and the abuse reporting contact information is provided in the identification report. To use the automated reporting option, right-click on the Visualware logo in the Windows system tray (normally at the right side of the Windows task bar), and select the 'Abuse Reporting' menu option.
Q: Why is there no location information in the map or route table?
A: If no location information is shown, it is most likely due to a firewall blocking access to port 43, which is used for Whois and IP location lookups. Check your firewall, or check with your network administrator, to open port 43 for incoming/outgoing ICMP and outgoing TCP.
Copyright © 1997-2005 Visualware Inc. All Rights Reserved.
Microsoft® and Outlook® are registered trademarks of Microsoft Corporation.


