This is super simple.
You can’t. (I’m assuming you don’t work in law enforcement. The police can get a lot more information than you or I can.)
Let’s look at the various types of data associated with an email and discover how easily they can be completely falsified. I can think of one scenario where you might get lucky, but that’s only if the sender isn’t being particularly careful.
Become a Patron of Ask Leo! and go ad-free!
Who sent that email?
Identifying the real sender of an email, including their name, location, or phone number, is highly unlikely without the help of law enforcement. Any information you can access can easily be faked. Some data is protected for everyone’s privacy, making it nearly impossible for the average person to trace the true origin of an email.
From: who?
Let’s start with the “From” line of an email.
You cannot count on the From: line being accurate. Not only can the name displayed on the “From” line be misrepresented, but the email address listed as the “sender” can be completely bogus. It’s called “From: spoofing“.
You probably get spam like this all the time — it looks like it’s from people you know (or in some cases, like it came from you) when you know those people (or you) had nothing to do with sending that email.
This ruse is simple to set up. You don’t even need special tools. You just lie when you set up an email account in your email program. If you have a permissive enough mail service (and many are) then you can send mail that looks like it came from anyone. (Of course, I don’t recommend it. It’s bad form, unethical, and in many cases, illegal.)
An email address wouldn’t help
Even if you could count on the email address being accurate, it still wouldn’t help you find the person behind it.
There’s no directory or address book mapping an email address back to a real person, and most certainly not to an actual address or phone number. The sender’s email service may know that information, but they don’t disclose it to just anyone. It typically takes law enforcement with a court order or warrant to gain access.
Then again, the email service may not have accurate information about a user because it’s so easy to set up a fake account. You can go to Gmail, Outlook.com, Yahoo, or any other online free email service, set up an account, and lie about anything: name, location, age, phone number, etc. The service itself has no idea who you are.
An IP address won’t help
The next place people look is usually the IP addresses that are recorded in the headers of the email. By header, I mean the information you typically don’t see when you’re just reading your email. Headers record the servers that email passes through on its way to you.
How you view headers varies depending on your mail service. In Gmail.com, for example, clicking the vertical ellipsis exposes a menu containing a Show original option. This shows the actual raw email message complete with all the headers.
Headers are added by email servers as they pass messages from the source to the destination. That implies that the IP address of the originator would be on top of the list. Sometimes, that’s the case.
But in many cases, the IP address you want isn’t there. For example, if you send email using a web-based interface, say Outlook.com, it won’t include the IP address of your computer. The first IP address in the header is that of the mail service that originates the message — in this example, Outlook.com.
Let’s say the original IP address is included in the header. Well, as I’ve discussed in many articles before, you cannot get someone’s information from just an IP address. The closest you and I can get is to determine which ISP owns that IP address. In some cases, that can tell you, to wildly varying degrees of accuracy, what part of the planet the ISP is on. And that’s about it.
Once again, it takes law enforcement and a fair amount of additional legwork to get close to identifying the specific individual at a specific IP address. Even then, it’s not always possible.
Getting lucky
I did say that there was one case where you could get lucky, and it works like this: if the sender used a real email address that they’ve used before, you can try searching the internet for other uses of that address. Now, you don’t know if the email address is legit, as it could have been spoofed. But you may be able to get some additional clues from search results on that email address.
But to be honest, that’s about as good as it gets, and it’s just not that good.
Do this
Honestly, unless you know that some aspect of the email address is correct, I wouldn’t bother trying to identify its owner. If you’re experiencing harassment, contact law enforcement or a lawyer and let them bring their abilities to bear on the situation.
My email address is no secret! Subscribe to Confident Computing, and you’ll see it regularly. Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
A lot of spam I get comes as an attempt to represent the email as coming from a business that I order from or from a service or business that I subscribe to. The email is pretending to be something I need to subscribe to, or renew, or make a payment to.
I can look at the full header and see that the email is not from my bank, credit card co. or other service that I use frequently.
You can’t tell who sent an email, but you can tell who didn’t send it by checking the headers. The kind of email that masquerades as a legitimate business is phishing mail. If you go to their site and try to log in, they will steal your login credentials. A password manager won’t fill in the password because it checks the URL of the site to enter the login info.