Helping people with computers... one answer at a time.

I am sorry that the resources for this kind of thing are so limited... because unfortunately, online harassment and cyber bullying are very common.

Hi, Leo. I've been facing harassment through email for the past three months. I can't even find the IP address saying it's a private network. Due to this, I removed my Gmail account yesterday, but I want to know: who is the culprit?

In this excerpt from Answercast #62, I look at the possibilities of protecting yourself from cyber bullying and the difficulties of tracing a harassing email.

Harassing emails

Unfortunately, your question is very common and also unfortunately, there's really nothing that you or I can do to track down the true source of the email if the person has sufficiently obfuscated their email location. In fact, even if they haven't, it's often very difficult to tell exactly who sent a piece of email or specifically where physically on the planet it came from.

In reality, that kind of stuff... that requires law enforcement: the police, attorneys, maybe even the courts.

Finding the culprit

What has to happen is the information in the email header needs to be decoded by an expert. That's not that difficult to do; but the information in that header (usually the originating IP address of the email) then needs to be turned into something usable. That's not something you and I can do. That is the kind of thing that requires that you go back to the ISP (the source of that connection to the internet) and ask them, "Who's at this IP address?"

And you know what, they're not gonna tell you or me.

They're just not going to tell people that walk up with that question - for many different reasons, not the least of which is your own privacy. You don't want people walking up and saying, "Hey, who's this IP address?" and having that refer back to you. No, what it requires is a legal process.

What it requires (at least in the United States) is something along the order of a court order that basically forces the ISP, or the service provider, to provide as much information as they can about that specific IP address.

Shared IP addresses

That may not even be enough!

For example, if the IP address turns out to be Google's Gmail, then the courts now have to go to Google and say, "OK. Fine. Tell us who was logged in to that email account and where they were located." Then another court order to the ISP of the resulting IP address... And you get the idea. It gets complicated pretty quick.

Internet harassment

Now, it gets worse. The problem is that this kind of thing is so common (and our courts and law enforcement system are so overloaded) that ultimately, this kind of thing just doesn't carry that high a weight; not that high of a priority.

So, as best I can tell, unless things really, really rise to the level of fearing for your life, law enforcement may probably not want to be bothered by this.

Protect yourself

I would recommend that if you are concerned that you definitely do contact an attorney or your local police or another law enforcement agency that would be handling this kind of thing. At least, report the issue and see what kind of resources are available in your location.

This is one of those things that varies dramatically - not just by what country you're in, but also by what city or area of the United States or other country you might be in.

You might get lucky. You might be able to get help from local law enforcement. If you can't, there's really not much else you can do.

I'd strongly recommend that you (if need be) set up a filter to automatically delete the harassing email and never, ever have to look at it again. I am sorry that the resources for this kind of thing are so limited because unfortunately, online harassment and cyber bullying is very common. But the fact is that the resources available to deal with it aren't.

Article C5925 - October 17, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

9 Comments
Dan
October 19, 2012 9:14 AM

People just have to learn NOT to respond to such crazy e-mails or comments also... That just give the Troll more info about you and how easy it is to get to you. Plus lots of programs and websites give you a method to BLOCK users that are bullies. I have had to do that many times on the www.Flickr.com website, when someone starts to call me nasty names for God knows what reason. And yes, the police and the courts have far more important problems to deal with - murder, rapes and robbery......

Scott Currier
October 19, 2012 9:25 AM


Sometimes, if you view the full headers you can get the originating IP address. I just logged into my hotmail account using the normal web interface and sent a test email to my work account. When viewing the full headers my IP was shown next to the tag: X-Originating-IP

If I did a tracert to the IP I'd be able to find out that it was from Comcast and the approximate area.

Not overly helpful. But, if the person is an unsophisticated user you may be able to find out the approximate area where the mail is coming from.

My nephew was accused of sending harassing emails a long time ago. The police were able to trace where the emails came from and exonerate him. They were trying to get him to 'fess up, I was there. A day or two later we found out they were coming from an AOL account in another state.

I agree with everything that Leo says but I would like to point out that if the user is unsophisticated you may get lucky.

My experience has been that web based email systems do show the IP of the person sending the emails.

Good luck.

The first thing that I would do though it was Leo suggested, throw the person in the trashcan and have all of the emails go into the bit bucket.


Alex Dow
October 19, 2012 11:09 AM

Whilst agreeing with Leo and Dan, unfortunately the Mail Dervice Providers generally don't provide suitably large WHITE/BLOCK Directories; nor fast ways of adding/modifying/deleting in them.

For example, I find it laborious to have to transfer the unwanted addresses, one at a time, in to the Blocked List; and similar for deleting.

If the message is from an unwanted source, why not simply "press" a button to have those details in to the Blocked address directly?

Similarly if you are happy to receive from that source, "press" one button for the White List.

Why are the lists restricted to around 100, one thousand would be more realistic?

I also can not delete blocks of addresses from those lists, only one at a time with confirmations etc - Labour Intensive.

Why are your own Address Books not viewed as supplements to the White List, so that I would not have to transfer those, one at a time, laboriously confirming etc in to the White List?

Alternatively, be able to export the contents of any of those lists, to use an easy Editor such as EXCEL or WORD, then transfer back, en bloc to the working lists.

Such simple arrangements - a good programmer should bbe able to achieve such improvements in a week or there-abouts.

I don't understand the 100 address limit either, but I absolutely have seen email services that provide (or once provided) one-button blocking, and I do believe that several now include the contents of your address book as at least advisory if not a true white list. The problem with any and all of this, though, is that the From: address cannot be relied on and is very commonly spoofed by spammers and scammers. What that means is you could easily end up blocking people you don't want blocked because a scammer made email look like it came from them, or blocking itself becoming useless as spammers simply keep using different and random email addresses.
Leo
19-Oct-2012

Bonita
October 19, 2012 4:00 PM

Highly recommend Yahoo Mail Plus with Addressguard disposable addresses.

bob D.
October 19, 2012 8:36 PM

when i get email from a source i dont know i just delete it,

if the email content looks suspicious i just send it to Security at Google and ask them to block them from my system and to give the usGovt snoop a copy of all of this so he can dig deeper and see if he wants to nuke them... ho ho ho

bob D.
October 19, 2012 8:44 PM

also, i was told on a blog and use it all the time that when i get an email i want to get rid of to press simultaneously the shift key and the delete key, that email goes up in smoke and gone forever because i dont get any more emails from that idiot

- this works great on spam, altho i get my share of silly spam when i click as above they dont come back at least not in the same form, some do come in but they change their name by changing one letter or adding letter or spitting in their face while facing the wind, no, i dont bother google with these very very few repeats, i just hit the 2 keys, above, and watch that email go to idiot heaven where all the idiots share a same room and same computer and are soon found by a good-hacker-goddess who sends them and their computer to a black hole where they get sucked in and go to another universe where there are no computers................

bob D.
October 19, 2012 8:52 PM

but almost all who advise as to unwanted stuff and or stuff that can put a virus etc into your system, or otherwise destroy you, never to click on any link, even if sent by a friend, better is to reply and tell them you dont click and to please send you in open page,

of course none of my friends ever thereafter send in open page so i get my jollies deleting them without the pleasure of sharing their humble idea of mirth...

similarly if comes in an email from an idiot i dont know i save lots of time not clicking their links as they beg a brother idiot ought do because i for sure delete them into the black hole going to alternate universes to be gobbled up by the computer nerd who has already outlawed computers in his universe ...

yes this is an esoteric wish, but otherwise life gets boring.....

Mark J
October 20, 2012 1:34 AM

@Bob D
The shift delete doesn't do any more than delete your email. It doesn't block the sender or stop their spam in any way. If you want to block that spam, the best thing you can do is hit the Spam button and hope the Spam filter learns the Spam pattern and hopefully you'll get a little less Spam in your inbox. I've found that the big 3 free email providers, GMail, Yahoo Mail and Hotmail have very good Spam filters. GMail seems to be the best, but I've had trouble with Hotmail's filters being too aggressive and blocking legitimate emails.

James
October 20, 2012 3:46 PM

I really wish it were simple and easy because I've been getting email from some jerk which contain links to pornography. The subject lines this jerk uses I find highly offensive. And he sends like 6 per day.

Spam, I usually ignore. But this is so offensive to me that I took the step of creating a filter in Thunderbird. Problem is every email is from a different address. I figure he's just making stuff up. In fact the only common denominator was the URL of the porn. So I created my filter based on that.

Problem is, just about every week he must get kicked out because he changes the URL about every week. So now I'm stuck with changing the filter every week.

If I didn't find the subject lines so offensive, I would just ignore them like the rest of the spam that I get.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.