How do I send an email so that the recipient cannot identify who I am?
Sending anonymous email is both easy, and incredibly difficult. It depends on just how anonymous you want to be, and who you’re hiding your identity from.
And, of course, how paranoid you want to be.
Become a Patron of Ask Leo! and go ad-free!
I do want to start by saying that I’m not going to get into the morality or social implications of anonymous email. Like any technology it can have an incredibly important role in society and it can be horribly misused. As can the techniques used to break it.
I’ll start with what I’ll call “anonymous light”. As we’ll see shortly, this will keep your identity safe from casual or non-technical observers, who are not likely to pursue it very far.
The short answer is to use a free email account like Hotmail or Yahoo mail, and make up all of the information required when you create it. Use a false name and create a completely false identity. Then send your message from that account.
Most people will be unable to determine from the email messages sent from that account anything more than that false identity you’ve created.
I call that “anonymous light” because of that term “most people”. In fact, the email probably could be traced back to you or your machine, but typically only if people are willing to involve law enforcement if they believe you’ve done something illegal. The information kept by your ISP and the free email service, when combined, could provide a trail to your door, but they won’t give that information without a legal requirement.
It’s important to note that I’m assuming a “reputable” ISP and free email service. Most are, but obviously if they are willing to give that information to just anyone, all bets are off. Similarly, laws and practices vary from country to country, so just how easy it is for law enforcement, a private investigator, or some other entity to get this information may vary greatly depending on where you are, and where your recipient is.
Now, if your recipient is very internet savvy, he could compare the IP address from which an email was sent to an IP address known to be you. Because not all free email services include the originating IP, and in common cases your IP may change often, this actually only works infrequently. If it does, however, it’s at least an additional clue that a recipient could gather that could lead them to you, or perhaps bolster their case if they do take it to law enforcement.
Now, unless you are doing something illegal like some form of online harassment, that “anonymous light” approach may well be enough.
But what if it’s not? What if, for example, you’re a corporate whistle blower and are concerned that the company might manufacture a case that would cause law enforcement to track you down?
As we’ve seen, if you log in to your anonymous free email account from your home computer and send an email, the free email service may have a record of that. Using your IP and the time you logged in, your ISP could then identify you. Important: you cannot get this information. But if the information has been kept, law enforcement can.
So, step one might be to use someone else’s computer.
And here’s where we start verging on the “just how paranoid are you”
question. Is there any way that you could be traced to having used that computer at a particular time? Public library computers are nice and all, but … are there security cameras? Do you have to somehow register to gain access?
Perhaps an anonymization service, such as Anonymizer would be a good approach. You might access your free email account through the anonymous proxy, so that the email would not be directly traceable to you or your machine.
But anonymization services are just that – services run on computer servers. Do they keep logs? Would those logs be available for inspection if law enforcement came with the appropriate authority? Maybe. Even if not, (and here’s the paranoia thing again), with enough resources, it could be possible to monitor the traffic to and from the anonymization service and “reverse engineer” who’s sending what. A complex anonymization service could certainly make this extremely difficult.
Then there’s the content of your message … do you have a distinct writing style that could be traced back to you? For example, do you have a consistent set of words that you regularly misspell? (I know I do.) Do you make statements that only you would know? As we saw some time ago, individuals were able to be identified only by the Google searches they did over a period of time. Email can be much more specific and identifiable.
Ultimately, there really is no such thing as “perfect anonymity” on the internet. You can make it very, very hard and expensive to be identified, but it’s rarely truly impossible. The best you can hope for is “impractical”. And just what impractical means depends on what you’re saying, who’d want to know who you are, and how many resources they can throw at the problem.
Important: I cannot trace email. I cannot trace IP addresses. I’ve written several articles on both, referenced below, and they all boil down to “contact law enforcement”. Comments on this article that boil down to “how do I trace”, or actually requesting me to trace something, will be deleted.
Sorry, but I get this so often, I don’t want these requests that I can’t act on to get in the way of otherwise interesting discussions.
The poor man’s way to anonymize is to drive to a neighborhood across town and connect to somebody’s unsecured access point with your laptop. If you’re *really* paranoid, you could even drive to a neighboring city or state.
Depending on many things, the email sent from your laptop could still contain information that could be used to identify you, even if using someone else’s internet connection. (Many mailers, for example, include the machine name in the headers of the mail being sent.)
It depends entirely on what email program you use, or what web based email service you use. They *should* allow you to scroll right/left, OR they should allow you to automatically wrap text. If they don’t, then I’d consider that a bug of some sort.
I use http://mail.picsent.com and send emails out where people cant tell my email adress but its not for bad! its just cuase i dont want repleys. so i guess leo wouldldnt complain about that!
I prefer to use anonymity services. My favorites are Ultimate Anonymity ( http://www.ultimate-anonymity.com ) and Cotse ( www. cotse.com ). Both offer very cool tools for online anonymity. Ultimate Anonymity offers a secured web based remailer and nifty software you can download to send totally anonymous messages and manipulate the “from” line to be anything you want.
http://www.anonysend.tk lets you send anonymous emails online for free. No sign up required.
We also offer free anonymous web browsing and free anonymous mobile phone text messaging.
Hope that helped!
Excellent article and comments! I am looking for some guidance.
If you were in say a “corporate whistle blower” situation, but with a small (yet very technically savvy company), and the only potential legal infraction could be related to confidentiality, which approach is safest? Oh-and they will not receive email directly-most likely will be forwarded to them from recipient.
1) Drive to different location and connect w/ unsecured wireless
2) Online anonymity services above
Thanks
I just need some clarification. I am going through a situation dealing with a ex who says he got an email through facebook from a friend of mine (the email was not very nice, to say the least) and my friend says it did not come from him. I am just wondering if there is any way to figure out where the email came from on facebook so I can end this.
12-Mar-2010
I was thinking something like this: take my laptop to a neighboring city, connect to an unsecure network, create a fake free email address, create a fake Facebook account then send the email to the person through Facebook. Is there anyway possible, even for a very tech savvy person, to trace the email back to me? I see that the last question (and your answer) dealt with Facebook, but I was unclear as to the path of the email the writer was referring to; it seemed that the email referred to did not take a direct route to the writer (?). My email will go from my fake Facebook acct directly to the Facebook account of the intended. Thanks for your response.
You must try http://www.secure-anonymous-email.com
I have a varaince on the last question and really different situation.
I’m in a whistleblower position, nothing illegal period, but have a good amount of concern for the rain of crap my family and I would have to endure if I were outted. Very paraniod, so much so that writing this is killing me … surely they could trace this too!
So here’s what I was thinking, home, out of the question! library computer, nope you gotta log in at the desk with your library card … but they do have free wifi as does mcdonalds … could I potentially use a free wifi service such as mcdonalds to make a new email address (yahoo etc) and send an email or would something like my mac address remain the same and be tracable back to me?
Additional details … I have a windows vista based laptop, a windows 7 laptop and an IPad I know in the past different windows versions gave different security levels but I know nothing about the IPad. I was bought strictly for fun, we know nothing about macs or mac based products.
Also what if i logged in at mcdonalds to my computer then went to the annomizer then made the email etc … wouldn’t someone be able to trace it back to mcdonalds then potentially back to me because I logged into mcdonalds wifi? Have I now reached too paranoid? Holy freakin cow my mind is now whirling!!!!
Please think about it, let me know! I need to send this soon and I just keep freaking out about getting outted, I have to live here and so do my kids …
Thank you very much!!
12-May-2011
Hi Leo
Thanks for the article. Also in the same boat as the last post. I want to know how it will work if you create a free account with Gmail for example, while you are using Firefox’s private browsing. Will your IP still be recorded? Thanks
30-Aug-2011
Hi Leo
Thanks for the feedback. Just an update if anyone else still want to do this. I went to anonymizer.com and they showed my IP and my location. That was with Firefox. Then I went on to Firefox’s – Tools- Start Private browsing, and went to the above site again- again it showed my ip and location, which confirms what you are saying in the above. I then found hidemyass.com, and went on Web Proxy, which opens a banner on top of your Google page for example. Every time I went on Anonymizer through HMA it changed my location and IP- USA, Netherlands, UK, China, Russia etc. If I create a free account through this method with phony details and send my mail via HMA, it surely must be fireproof, or am I missing something? Thanks for the Speedy reply and blessings
31-Aug-2011
Go to the damn library. Yes there may be cameras but I highly doubt there’s one near ur comp. I still haven’t seen a lib with one. Govt is cheap. Wear a hoodie. Fake everything on a Yahoo account. At my lib u don’t have to show card u just write ur name. Say ur abdulhossein abukheider. If ur in ny for ex where u need to show card say u just moved from out of state and don’t have state Id. Librarians are not FBI agents.
Yea. Not 2 many libraries have cams directed at the comps. So what if u were spotted there that doesn’t mean u used comps. and if u do the thing about moving out of state, they issue u a temporary barcode computer pass. don’t ask 4 ur id or nothin. be nice to librarian. fake yahoo account fake everything blah blah. unless ur in a rich town trust me there’s no camera’s anywhere in sight. you can write anything u want won’t say any details but jus trust me. 15+ yrs experien
Are you people serious? CHANGE YOUR EMAIL HEADER
19-Oct-2011
Hi! I have a paranoid ex husband who uses a tacking system to track down when and where I open his emails etc etc. There was domestic violence in the past and I am going through a difficult time. My question is, how can I ‘confuse’ the tracking system called ‘readverify’ that he is using and not be traced? Thank you.
31-Oct-2011
What about if you send an email from an iPhone, is it still traceable…?
Absolutely.
Hi Leo:
I got a new laptop as a gift but haven’t yet opened it. Let’s say I create a computer login like “Jon Doe” on this laptop and use public wifi. Other than “computer name” as you have earlier mentioned, is any other info about my equipment decipherable in an email (MAC address, serial number, etc)?
(By “computer name,” do you mean a user login that is set by the user? Or do you mean some other info that is unique to that computer, as set by the manufacturer?
Thanks.
J
14-Nov-2011
If I use an anonymous email service, where does it show the email coming from? I’d rather use a fake account such as Yahoo, but I want the email to be sent at a certain set time so I have an “alibi”, and I’ve read you are able to do that with an anonymous site, but I’m not sure with yahoo or gmail, etc.
27-Nov-2011
Hello… I got an email from someone who sent me a link to a craigslist post.
They used a fake email in the “from” section… so it appears to be from someone that I know. However I know for a fact that it was not sent by that person.
Can I trace an email like that? Or is it untraceable because it was sent through Craigslist?
10-Jan-2012
I actually have a question..i recently sent an anonymous email about one of my sons teammates on his football team. The boy in question has heart issues and takes meds but still plays ball. I sent the email tp the athletic director asking him to look into it as it was information given to me. I also stated shpuld he not I would go to the board.is this illegal?
18-Aug-2012
That is how the Unabomber was caught. His brother recognized his writing style and use of expressions unique to himself. That started a new branch of forensics, called forensic linguistics.