SmartWhois and Microsoft Outlook
Looking at E-mail Headers
Just like in IE, you can find the SmartWhois button on the MS Outlook toolbar. If it's not there, make sure that the Outlook add-in is activated (in SmartWhois, click Options => Integration => Install SmartWhois for MS Outlook Add-in) and restart Outlook.
Every e-mail message that you receive includes so called "headers," that messy block of text that precedes the actual message body. Headers are included in every message, but they aren't normally displayed to the user. However, every e-mail client can be configured to show this information, and the SmartWhois add-in can help you quickly display it.
Headers contain information about the path the message took before reaching our e-mail box. Each computer that handled the message en route added something to the header, and it is this additional info we can use to help trace the message back to its source. Reading and understanding e-mail headers is not a black art, but it requires some knowledge and practice. This topic is outside the scope of this tutorial, but you can find many good articles on the Internet, for example: What Email Headers can Tell You About the Origin of Spam. Here, we'll simply show you how you can use SmartWhois to get information on the IP addresses that you can find in the headers.
Here is a typical spam message:
To look at the headers, click on the SmartWhois button on the toolbar and select Pass E-mail Headers to SmartWhois:
The IP address found in the headers are highlighted, just like hyperlinks on a web page. Clicking on any of the hyperlinks will make SmartWhois retrieve information about the selected IP address. You can also select any part of the text and query the selection as a host name or domain.
Why would anyone want to find the originating IP address of a message? Well, there could be a number of reasons. You may want to find the physical location of your correspondent (someone who claims to be staying in France might be in Italy). You may want to find to which organization the IP address in question is registered (if you got a message from firstname.lastname@example.org but the message came from Nigeria, it's a good reason to think twice before submitting a web form with your account password). Or you may want to complain about spam.
Regardless of the purpose of your query, it's important to understand the limitations of the technology. It's equally important to distinguish between the myth and reality. Read more about this in the next chapter.