Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How Do I Send an Email that Can’t Be Traced Back to Me?

There are problems at work that I need to inform my main office about. The problem I’m having is that the emails sent to the office are seen by several people if I send them at work. If I send from home, my personal email address will be revealed and I need to remain anonymous. The politics at my workplace are vicious to say the least. What software is available so that I can send them an anonymous email and my email address be hidden?

This is a surprisingly common situation.

It’s also surprisingly easy to get caught, even if you do take steps to stay hidden.

I’ll review some of the approaches and some of the risks.

Become a Patron of Ask Leo! and go ad-free!

Sending an anonymous email

You’ve got a classic whistleblower problem. You’re someone working in an organization who needs to safely, securely — and most important of all, anonymously — inform someone about a problem at that organization. If you’re found out as the source, you run the risk of retribution, termination, or worse.

Clearly, you should not do this from a computer at work.

Anonymous Regardless of what “anonymizing” technologies you use, it’s likely your activity can still be traced. The organization could have many different technologies in place, including but not limited to spyware, that allows them to identify which computer was used to send an email, and potentially even who was at the computer at the time.

Your home is not anonymous

You should not use your personal email — that much is also clear.

In fact, you shouldn’t do this from your home computer at all.

While email messages don’t typically include the IP address of their origination, there’s enough information in the email headers you don’t normally see to allow the email to be traced to the location it came from.

It’s not always easy, might require your ISP, and in some cases requires law enforcement to get involved, but it’s possible that any email sent from your home could be traced. So what to do?

Hiding your email address

Probably the easiest thing to do is to hide your email address.

The right way to solve the problem is to set up a brand-new free email account, using Gmail,, or other popular free services. An interesting option might be ProtonMail, billed as “secure email based in Switzerland”. Encryption is baked into ProtonMail, and being located in Switzerland makes some of the legal approaches to discovering who you are more difficult.

When you set up the account, use completely bogus information. Use none of your personal information; make sure the name is fake, the recovery information is fake, everything associated with that account is fake.

Home is where the danger lives

Once again, don’t set it up from home, because your home IP address could be associated with the account. That could be allow you to be discovered, particularly if law enforcement is involved.

Go to a library, or any place not your home or company that has a public computer you can use without identifying yourself. Set up the account and send your email from there.

There’s still no guarantee

There’s still risk. All we’ve really done is stack the deck in favor of not being discovered.

For example, if you use a public computer at a library, it’s conceivable there are security cameras that record your presence. If they can tell your message was sent at 10:30 a.m. on Tuesday, they could go back and look at security cameras to see you sitting at the computer.

But the bottom line remains:

  • Use a different computer.
  • Use a different account.
  • Make sure all the account information is fake.

That’s the best you can do.

Will the email be seen?

My assumption is that the content of your message will make it clear you have something legitimate to say.

However, it’s important to understand that they may not pay attention at all. They may get these all the time and ignore them out of hand, or they may assume if you’re not willing to be identified, you lack legitimacy. There are many, many reasons your anonymous note may not have its intended effect.

What about a letter?

My honest recommendation? Send a letter. A physical, put-it-in-the-mail, anonymous letter.1

This bypasses all the technology that could be used to thwart your attempts to communicate or be used to trace back to you.

It’s also possible a physical letter might get more attention and stand a better chance of achieving the desired results.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Podcast audio


Video Narration

Footnotes & references

1: Use a printer other than your own — again, perhaps one at the library — as there are rumors of printed pages being tagged with the ID of the printer that was used. And maybe take the letter to an out-of-town post office to mail it.

57 comments on “How Do I Send an Email that Can’t Be Traced Back to Me?”

  1. Good call Leo. Sometimes the good “old fashoned” way works the best. I’m all for the letter (snail mail) idea.

    • The issue is, depending on the organisation, that physical letters could, theoretically at least, be searched for fingerprints. And, especially it you work at a Govt agency, it wouldn’t be impossible for them to have fingerprints lifted off the envelope and then employee fingerprints surreptitiously obtained and then boom. You are blown. Unlikely, but possible. And if they were to lift dna with the fingerprint then all they’d need is a hair obtained from you by whatever means and again you are blown.

      • The low tech way to avoid fingerprints and DNA would be, of course, to wear gloves when handling any part of the correspondence and use one of the stamps that don’t require you to lick them. Good points though.

  2. Proxy servers are a joke for a number of reasons. Tor is also junk. A paid vpn from a non Hague state is better but still defeatable.

  3. At my local library, when I use their computers, email sites are blocked.
    Places I’ve gone online while traveling are airports and truck stops. Internet cafe’s are another option.

  4. Use a letter. It has the greatest impact. Especially if it’s a document size envelope used by most overnight services [FedEx, USPS] rather than a regular business size envelope. Remember to mark it “Personal & Confidential”. Request a signature upon receipt. With this method, you can also enclose other items of importance to back up your statement. Low-tech still has an important place in a high-tech world. Trust me on this….it’s worked for me.

    • “Request a signature upon receipt.” That would defeat the purpose of anonymity as you’d need to give them your address.

  5. Funny. I thought of the same suggestion about going to a library, etc. and setting up a new email account—but the idea of sending an actual paper letter never crossed my mind. Technology can sometimes give you tunnel vision, too.

    • They might be able to identify the printer but they would have to have access to your printer in order to be able to identify it. It’s like trying to identify the fingerprint of someone who’s never been fingerprinted before.

      • Jesus Christ! If the risk is that great (police, FBI, CIA, or all the commie versions), go take a bath. You might conclude you don’t want to engage in anything on-line!

  6. I notice that an email I sent to myself from my hotmail acct showed an IP address. When I googled the IP it correctly I.D.ed from where (town) I sent the email.

  7. If they really, really want to know who you are, remember that a real postal letter most likely has your FINGERPRINTS. And, if you licked the stamp or envelope, your DNA. And, if you took a pack of paper or envelopes from the office, there may be other identifiers.

  8. I have an even better suggestion (apart from the snail mail option). Send your mail from home, but :

    – Do it from the free, encrypted, anonymous, German mail service Tutanota.
    – Create a free Tutanota account specifically for this.
    – Create this account over Tor (and disregard the conspirationist, tinfoil hatters who keep saying Tor is insecure, because of the NSA — or whatever).
    – Wait for 48 hours till your account is approved — that’s the very reasonable price you’ll pay for signing in trough Tor, because Tutanota needs to protect itself against spammers.

    That’s it. Optionally : in order to support Tutanota, thank them for helping you out of that situation, and for being the best privacy oriented email service around, you may create now a paying account, under a different name, for the very low price of 12 $/year.

    You can’t use a paying account to send your anonymous whistle-blowing email, because Tutanota does not accept crypto-currencies for payment (yet), and credit card payment might, theoretically, expose your identity. Actually, you could. If your adversary is only your employer, it’s highly unlikely that he would have access to your payment details. That would require a court order, and on what grounds ? I’m only advising this as a way of achieving even better anonymity.

    In fact, you don’t even need to create your Tutanota account over Tor. Again, this is only one extra safety layer. Tutanota does not log IP addresses, except for the last 7 days, in an encrypted way accessible only to the user, in order for him to be able to detect if his account has been hacked. Of course, your IP address won’t be in any mails sent from Tutanota — in fact, all IP addresses are stripped from outgoing and incoming mails.

    Tutanota’s main purpose is to send encrypted mail without the hassle of PGP, but you wouldn’t use encryption in this case. You don’t need the contents of your mail to be protected from prying eyes ; only your identity. (But your emails would still be encrypted at rest on Tutanota’s server.)

    Tutanota, despite offering less features than Protonmail, has a huge advantage over it : you can open an account anonymously. No need to provide a phone number, no need to provide an existing email address (you can, but it’s optional), and they specifically encourage the use of Tor.

    Also, when you activate encryption, the subject field is encrypted in mails sent, which is not the case with Protonmail. This field can hold very revealing information.

    Be aware you are permitted only one free account.

    • what I’ve done is use a vpn and through it telnet to the MX ssrver for the
      mailbox I’m sending to and then “tyoe” my email {including all the
      header fields} over the telnet connection. the necessary SMTP commands and
      the email message itself, including all the headers, is just text, so while a little arduous it isn’t particularly difficult and pretty untraceable

    • Thank you for this info. I am currently in a tangle with super smart scammers infiltrating ethical hacker websites. It’s a war zone, nightmare, mine field. A massive leaning curve and this info is a great help, thank you. Any other suggestions would be greatly appreciated.

    • No, Tutanota needs verification between both the sender and the receiver of the email. Which means the receiver needs to know the pass code you set up to open the email. So it works fine between (or amongst) people who already know each other, but fails to do the work if it’s the first email you send to the person. I made a huge fool of myself because I didn’t know the encryption works not one-way, but both way. So keep that in mind, future Tutanota users. Your receiver needs to be informed of the pass code you set up in order to read the email. Not suitable for official email. It looks too shady for that purpose.

      • Not true, that is an option just like with Proton mail.

        I use both services and with both you have the option of sending an email that requires a password to open. With tutanota it’s the default until you hit the lock to deactivate that feature and with proton you have to hit the lock to activate the feature.

        Of the two I like proton the best

  9. Everybody seems to have a different opinion when the solution is so simple.
    For the most part I don’t think most whistle blowing letters are so important that they will do DNA tests to find out who did them a favor.
    But if you want to be safe buy new paper and new envelopes. Use latex gloves when handling the paper and envelope. Don’t even breath on them.
    Print it out not using the gloves that could get DNA from your keyboard.
    Don’t lick the envelope or the stamp.
    Be careful of your wording and phrases because they could identify you. ( I think that’s how the unibomber got caught. )
    Don’t get in a hurry because that’s when mistakes happen.
    Keep the letter in a plastic bag till you mail it and use gloves when doing so.

    Leo told you the only safe way to email your message. Using electronics to hide your identity is foolish because there are just to many things to go wrong.

    If conditions are that crappy at your job just request a meeting with the brass making sure you have facts and only facts then call a spade a spade because you can always get another job instead of working under such stressful conditions. Stress is bad for the health.

  10. Sheesh!!!

    Whatever happened to anonymous remailers?!?

    Did some thing happen to Replay? Ot the Mixmaster remailer chains?

  11. It’s worth mentioning that, depending on the circumstances, the mere fact that an E-Mail was sent anonymously can be a DEAD giveaway to who sent it.

    If you happen to be the only computer-savy person working in an office full of nontechnical idiots who wouldn’t know a “server” from a “waitress,” well…!

    Your recipient wouldn’t have to do any more than to ask himself, “Now who, in this rat’s nest of low-grade idiots, would have the technical savvy to send me an anonymous E-Mail?”

    …and you’re IDENTIFIED, case closed! :(

  12. How about just sending your complaint anonymously to the media (local TV station, newspaper, etc.) and let them handle it? A letter or e-mail could just be thrown away and you have no idea that they ever received it. It would have absolutely no impact or make any change.

  13. Hey so. .. I have some co-workers who get treated like garbage by the head cashiers. They take advantage of everyone and harrass and target one particular cashier. I wanted to write an anonymous letter to corporate because tge Store Managers and Operations manager could care less. This will only get attention by writing a letter to the main corporate office. I was going to create an account at the library….will they be able to trace my library card acct. I don’t think the FBI is going to get contacted. Lol but just want to remain anonymous. I feel sorry for the cashiers!!!

    • It’s unlikely that the library would give out that information. I’d ask at the library what their policy is on that kind of privacy. In a case like that, a physical letter would be safe against bring traced and possibly even more effective as they hold it in their hands physically.

  14. I also have a similar situation, only problem , I was fired because I found out too much information about the owner of the company I was working for , fraud and other criminal activities, the red flag was what I found on the accounting system .
    Even though I was fired , I still feel my life may be in danger , other investors and clients need to know……
    What should I do?

    • Sam I’m sorry to hear that. It’s not the first time I’ve heard people acting immaturely and inappropriatly in the workplace. I do not know what you have tried but you have the right to a safe work enviornment and if your employer will not provide that you may want to consider quitting. Other things you can try are talking to HR if your company has one, or whoever else would handle those things, like the manager or boss. It would be good if you could give specific examples of the bullying, times/dates it took place and exactly what happened. If you haven’t started keeping track it’d be good to start.

      I am not a lawyer or anything but there may also be places you can formally complain, perhaps when you started work they gave you a packet with information on your rights? You may also be able to take legal action against those who are bullying you; especially if it gets bad where you need counseling and/or medication. Could possibly sue your employer as well if they failed to deal with it. But again I am not a lawyer (just watch a lot of real life court shows) so you would have to investiage your options.

      But it’s ridiculous people can’t behave themselves at work (or anytime for that matter). It’s not the first time I’ve heard employees acting like children either and more companies need to crack down on it. I hope things get better for you and karma gets these troublemakers.

  15. Here is a thought…stand up for yourself. If the need for an anonymous email is warranted than just create a new email with fake info, type the email, add the recipient(s), and send it. Imo if you feel the need to express concern but don’t want to be THAT person but are unwilling to face the consequences of being found out good or bad then why even bother? Unless you are calling the CEO and upper management all a bunch of SoB’s and your concerns are legitimate then be willing to stand and smile proudly because most companies that I’ve worked for won’t even bother to research who sent it unless its threatening to dismantle the company.

    • I gladly would stand up for myself and other students in my school and tell that sick felon man all I wanted to say BUT I do need to receive my degree and I doubt other officials would take the side that’s right. They’re corrupted themselves and most likely will take the side of the 40something-year old “professor” not a student’s. With that title and my country not punishing sexual felons as it should, he could easily stop me from getting my degree altogether even though I’m one of the top students. I’d gladly uphold justice by myself if what you’re saying was possible.

  16. Yes ink and paper can be traced to manufacturer. However in order to ID an individual using these things you would need more evidence, like narrowing it down to the city and store it came from, then figuring out which employee of the OP’s company made the purchase. Like Leo said, anonomity is never 100% guarteed but you “stack the deck” n your favor.

    Depending on the type of business the OP works for and number of employees/staff the company may or may not decide to spend money to try and discover the ID of the whistleblower. It’s certaintly something the OP should consider, but we could spend all day discussing every possible way to get caught.

    I think the best bet is the snail mail. Use gloves, don’t lick any stamps, leave return address blank or put the Post Office’s address and have someone else drop it off to the actual Post Office for you (most have blue boxes or places inside you cand drop it off without standing inline, unless you want to purchase a ‘sight for delivery’ thing. Only problem is then someone else is ivolved who could possible be questioned. But I think it’s unlikely unless the person is recognized by the company to be associated with the OP.

    • So sorry for the typos , would go back and correct if I could. It happens when I type to fast, especially on my mobile devices and I’m not getting the option to correct as I go.

  17. Hi,
    If i sent an email from a laptop, would it be traced as well?

    If yes, then how can i hide the ip address from a pc or laptop to make sure the email will be anonymous?

    • If you send from a laptop, the IP address which would show up in the email would be the IP address of the network you sent it from which may or may not be identifying. A VPN would mask the IP address you are using.

  18. This is … confusing to say the least. Another whistleblower here but I’m actually a university student. A “professor” threatens the students and takes advantage of them sexually and otherwise and I want to let the school know, preferrably to multiple divisions so that if the dean is as corrupted he wouldn’t just get to throw out the email or letter and be done with it all. To make all of these much much worse, I’m a law student and the department of law is supposed to be the place that people who want to fight injustice go to, yet this “professor” is a felon himself under any decent systems of laws. Honestly as a clueless student that never used a letter I’m really worried that I might screw up with an actual letter. I can’t go to the police as I live in a hellhole with no protection for students or sexual victims and the officials are corrupted themselves so my best bet is still the school itself. I feel obliged and see this as part of my humane duty to let others know to save other students that might be the possible victims of him. I’d send an email but the school has many elements of the governments in it and I’m worried that they might do whatever it takes to find out who it was sent from. Aside from that, I realize we need to use gloves for the letter but I don’t know about where you live but where I live, unless you’re a classy lady wearing white gloves it’d be infinitely strange and susicious if someone strolled inside the stationary shop with gloves on and paid for the stuff with those gloves too. The people there would immediately pressume I’d be there with gloves to murder them all and would instantly call the cops! :[ They’re not going to assume that I’m trying to save fellow students from being sexually abused or emotionally blackmailed and scarred at school.

    Any more ideas about the physical letter? like 1. how should I buy them all with gloves and also about 2. how I should write the thing. I don’t have a printer and where I live photocopiers are to “secretly” keep a copy of all they copy or print too. I have no access to any photocopier machine that’s unsupervised. Is writing the letter in child like block letters with a pen really safe? 3. how should I make sure the one who gets it won’t just toss it out and claim they never got them? 4. We have mailboxes here on the streets where we drop the letters there. If I leave the “from” part blank, will it really be safe or would they be able to know which mailbox that letter was dropped into? 5. How about stamps? Can I buy them from just anywhere or are they also going to be traceable to where they were bought or who bought them?
    Somehow I feel even more nervous about the physical letter than the electronic email … . #MillennialKid, eh?! =s

    I also had a suggestion but this might be farfetched since we don’t know eachother but if two whistleblowers are having trouble over this and they’re in different countries (different legal jurisdictions) maybe we could get in contact and each of us send the message for the other one from the other country? Each government can punish the people that belong to there or live there, they can’t go and punish a person in another country as long as they’re not committing outright felonies that are identified as felonies in both countries/legal systems, right?

    I have question about this too:
    Does ^ work? Can anyone who’s good at these things let me know if an email from there would be traceable if the ip is changed?

    Also someone mentioned the unibomb kid. That kid used the university’s internet (unbelievable, I know) with Tor and Guerillamail (which even I know that it gives your entire information to the recipient with the email it delivers including your ISP -_- ). They said they got the police involved and traced him using the time the email was sent and the fact that he was the only one using Tor on the server at that time on the internet of that uni that was visible to the people prividing the internet to the students. None of us uses the same internet as our recipients I assume so I guess our cases are different and kinda a bit more advantageous than his and I’m sure that none of our messages involves anything about a bomb threat and that none of us is as idiotic as him.

    • 1. No need to use gloves to purchase the stationery. Buy the packaged stationery and use gloves to open the package.
      2. Child-like block letters should work. Besides, they aren’t going to be checking everyone’s handwriting samples. That’s probably illegal for them to do in light of European Data Protection laws. Do you have a trusted friend with a printer?
      3. That’s why you should send to as many people as possible including the police and newspapers. No guarantees anyone will take action.
      4. Send it from another post box.
      5. Stamps are untraceable.

      I don’t know about the anonymousemail website. It’s probably safe, especially if you send it from an Internet cafe. You can also open an account with any free email service from an Internet cafe which doesn’t require identification and send from there.

  19. Use an email client as a portable application to send and receive your emails from public computers. For example, you could install the email client Thunderbird on a USB drive. You can then write messages on your (or any other) computer, go to a public computer, plug your memory stick into a computer, open Thunderbird, and send your messages. Sending messages from a public computer has the advantage that the computer and IP address are not associated with you. It is advised in case of using public computers to use VPN or Tor before starting your web activity and communication. In all cases there are physical clues that can identify you even with a public computer such as CCTV footage or computer user logs at libraries.

    • Unless you are sending an email to a government entity, the odds that a company could get access to a library computer are very close to zero.

  20. You can also buy a burner phone at a big box store, pay cash for it, open a free email account with it and use it to send the email, but personally, I’d stick with snail mail, block-printing (or cut and paste the words from a newspaper :-) ), and gloves.

  21. Hiya,

    what happens when your organization receives anonymous mails from users of tutanota launching false accusations and denigrating people? how can these be tracked?



Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.