Tracing Origin of a Suspicious Email Message - PRR Computers, LLC

by Phil Rice
12 years ago

Email is, at its core, a plain text transmission of information – not just from sender to recipient, but from one mail server to another. Just like a passport used for international travel, each “stop” on the email’s journey is “stamped” into its headers. That makes tracing the origin of legitimate email a fairly straightforward task once one knows how to find the full email headers of a message, and then how to read them.

There’s just one problem: just about every single line of text in an email header can be forged. And in spam or malware-spawned messages, that forgery is commonplace. In fact, only the Received: lines that are created by your own service provider or computer can be completely trusted.

So how does one trace one of these illegitimate / forged emails back to its true source? Truthfully, most of the time, one cannot. Law enforcement officers usually have a level of access and “pull” to mine this information, but most of us regular Joes do not.

But what one can do is get a pretty decent idea of whether an email is legitimate or not, i.e. whether it comes from the person it says it does, or not. And in most cases, that’s the most important information to verify.
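To make the point about trusted Received: lines concrete, here is an added example (not part of the original post) that walks the headers newest-first and returns the hop where your own provider's server recorded a connection from an outside machine. It assumes Postfix-style Received: lines; the hostnames, the `.myisp.example` suffix and the networks are constructed sample values.

```python
import re
from email import message_from_string
from ipaddress import ip_address, ip_network

# Constructed sample message; hosts and addresses are documentation values.
SAMPLE = """\
Received: from mx1.myisp.example (mx1.myisp.example [192.0.2.10])
\tby mailstore.myisp.example with ESMTP id A1; Tue, 02 Jan 2024 10:00:03 +0000
Received: from mail.bank.example (unknown [203.0.113.77])
\tby mx1.myisp.example with ESMTP id B2; Tue, 02 Jan 2024 10:00:01 +0000
Received: from mail.bank.example (mail.bank.example [198.51.100.5])
\tby relay.bank.example with ESMTP id C3; Tue, 02 Jan 2024 09:59:00 +0000
From: "Your Bank" <support@bank.example>
Subject: Account notice

Body text.
"""

# "from HELO (rdns [ip]) ... by SERVER": HELO is whatever the sender claimed,
# while rdns and ip are what the receiving server itself observed.
HOP = re.compile(r"from\s+(?P<helo>\S+)\s+\((?P<rdns>[^\s\[\]]+)?\s*\[(?P<ip>[^\]]+)\]\)"
                 r".*?\bby\s+(?P<by>\S+)", re.S)

def trusted_handoff(raw, by_suffixes, own_nets):
    """Return the hop where the message entered the trusted provider, or None."""
    nets = [ip_network(n) for n in own_nets]
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m or not m["by"].lower().endswith(tuple(by_suffixes)):
            return None  # stamped by a server we do not control: stop trusting
        try:
            peer = ip_address(m["ip"])
        except ValueError:
            return None  # address in a form this sketch does not parse
        if not any(peer in n for n in nets):
            # Outside peer recorded by our own server. Every line below this
            # one was supplied by that peer and can be forged.
            return m.groupdict()
    return None

if __name__ == "__main__":
    print(trusted_handoff(SAMPLE, [".myisp.example"], ["192.0.2.0/24"]))
```

In the sample, the HELO name and the forged bottom line both claim the bank, but the address the provider's own server recorded has no matching reverse DNS, which is the kind of mismatch worth noticing.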

Trying to verify a suspicious email message of your own? Here are some resources that will prove helpful.

Extremely useful online tool:
