Summary: Many people want to be able to send anonymous email; email for which the sender cannot be identified. It´s easy. And it´s impossible.
How do I send an email so that the recipient cannot identify who I am?
•
Sending anonymous email is both easy, and incredibly difficult. It depends on just how anonymous you want to be, and who you're hiding your identity from.
And, of course, how paranoid you want to be.
•
I do want to start by saying that I'm not going to get into the morality or social implications of anonymous email. Like any technology it can have an incredibly important role in society and it can be horribly misused. As can the techniques used to break it.
I'll start with what I'll call "anonymous light". As we'll see shortly, this will keep your identity safe from casual or non-technical observers, who are not likely to pursue it very far.
The short answer is to use a free email account like Hotmail or Yahoo mail, and make up all of the information required when you create it. Use a false name and create a completely false identity. Then send your message from that account.
Most people will be unable to determine from the email messages sent from that account anything more than that false identity you've created.
I call that "anonymous light" because of that term "most people". In fact, the email probably could be traced back to you or your machine, but typically only if people are willing to involve law enforcement if they believe you've done something illegal. The information kept by your ISP and the free email service, when combined, could provide a trail to your door, but they won't give that information without a legal requirement.
It's important to note that I'm assuming a "reputable" ISP and free email service. Most are, but obviously if they are willing to give that information to just anyone, all bets are off. Similariy laws and practices vary from country to country, so just how easy it is for law enforcement, a private investigator, or some other entity to get this information may vary greatly depending on where you are, and where your recipient is.
Now, if your recipient is very internet savvy, he could compare the IP address from which an email was sent to an IP address known to be you. Because not all free email services include the originating IP, and in common cases your IP may change often, this actually only works infrequently. If it does, however, it's at least an additional clue that a recipient could gather that could lead them to you, or perhaps bolster their case if they do take it to law enforcement.
Now, unless you are doing something illegal like some form of online harassment, that "anonymous light" approach may well be enough.
But what if it's not? What if, for example, you're a corporate whistle blower and are concerned that the company might manufacture a case that would cause law enforcement to track you down?
As we've seen, if you log in to your anonymous free email account from your home computer and send an email, the free email service may have a record of that. Using your IP and the time you logged in, your ISP could then identify you. Important: you cannot get this information. But if the information has been kept law enforcement can.
So step one might be to use someone else's computer.
And here's where we start verging on the "just how paranoid are you" question. Is there any way that you could be traced to having used that computer at a particular time? Public library computers are nice and all, but ... are there security cameras? Do you have to somehow register to gain access?
Perhaps an anonymization service, such as Anonymizer would be a good approach. You might access your free email account through the anonymous proxy, so that the email would not be directly traceable to you or your machine.
But anonymization services are just that - services run on computer servers. Do they keep logs? Would those logs be available for inspection if law enforcement came with the appropriate authority? Maybe. Even if not, (and here's the paranoia thing again), with enough resources, it could be possible to monitor the traffic to and from the anonymization service and "reverse engineer" who's sending what. A complex anonymization service could certainly make this extremely difficult.
Then there's the content of your message ... do you have a distinct writing style that could be traced back to you? For example, do you have a consistent set of words that you regularly misspell? (I know I do.) Do you make statements that only you would know? As we saw some time ago, individuals were able to be identified only by the Google searches they did over a period of time. Email can be much more specific and identifiable.
Ultimately, there really is no such thing as "perfect anonymity" on the internet. You can make it very, very hard and expensive to be identified, but it's rarely truly impossible. The best you can hope for is "impractical". And just what impractical means depends on what you're saying, who'd want to know who you are, and how many resources they can throw at the problem.
Important: I cannot trace email. I cannot trace IP addresses. I've written several articles on both, referenced below, and they all boil down to "contact law enforcement". Comments on this article that boil down to "how do I trace", or actually requesting me to trace something, will be deleted. Sorry, but I get this so often, I don't want these requests that I can't act on to get in the way of otherwise interesting discussions.
Related:
Ask Leo! - How can I trace where email came from?
Ask Leo! - Can GMail be traced?
Ask Leo! - Is anonymous web surfing possible? If so, can't the 'bad guys' use it too?
Ask Leo! - Getting all worked up over IP tracing
Ask Leo! - What can people tell from my IP address?
Ask Leo! - Can I get someone's name and address from their IP address?
Ask Leo! - How do I figure out who owns an IP address?
Ask Leo! - When I visit a web site, can the server identify me?
Article C2908 - January 25, 2007
Depending on many things, the email sent from your laptop could still contain information that could be used to identify you, even if using someone else's internet connection. (Many mailers, for example, include the machine name in the headers of the mail being sent.)
Posted by: Leo Notenboom at January 25, 2007 4:36 PMLeo-enjoy your effort to answer questions , that users have. one word aswers this one BLACKBERRY ! MAX
Posted by: maxwell at January 27, 2007 11:59 AMIs the email page a fixed format? I get numerous emails that don't wrap around and consequently lose a few words at the right edge of the line. I've looked for the slide bar at the bottom and some don't seem to have one. Is there a way to slide the message to the left to read the words. So far the only way I've found is to reduce the size of the print by rolling my wheel while holding the control key. The small print is then difficult to read at times. Thanks
Posted by: Wendell Rothgeb at January 27, 2007 1:30 PMIt depends entirely on what email program you use, or what web based email service you use. They *should* allow you to scroll right/left, OR they should allow you to automatically wrap text. If they don't, then I'd consider that a bug of some sort.
Posted by: Leo Notenboom at January 27, 2007 2:17 PMhttp://10minutemail.com/10MinuteMail/
Posted by: Rich at January 28, 2007 1:25 PMI use http://mail.picsent.com and send emails out where people cant tell my email adress but its not for bad! its just cuase i dont want repleys. so i guess leo wouldldnt complain about that!
Posted by: picsent at September 13, 2007 7:35 AMI prefer to use anonymity services. My favorites are Ultimate Anonymity ( www.ultimate-anonymity.com ) and Cotse ( www. cotse.com ). Both offer very cool tools for online anonymity. Ultimate Anonymity offers a secured web based remailer and nifty software you can download to send totally anonymous messages and manipulate the "from" line to be anything you want.
Posted by: John Roberts at January 20, 2008 12:10 PMwww.anonysend.tk lets you send anonymous emails online for free. No sign up required.
Posted by: Anonysend.tk at March 2, 2008 5:21 AMWe also offer free anonymous web browsing and free anonymous mobile phone text messaging.
Hope that helped!
or you can buy a used cell phone that is capble of going online, get yourself a homeless guy to buy some pre-paid minutes using the name of the person's wallet he just stole, (make sure it's not yours) connect online following Leo's advise above. when finished, get an old rag soaked in bleach, wipe the phone down thoroughly, resell the phone overseas. duh...
that's how I would Elude...
Posted by: eluder at July 24, 2008 4:31 PMExcellent article and comments! I am looking for some guidance.
If you were in say a "corporate whistle blower" situation, but with a small (yet very technically savvy company), and the only potential legal infraction could be related to confidentiality, which approach is safest? Oh-and they will not receive email directly-most likely will be forwarded to them from recipient.
1) Drive to different location and connect w/ unsecured wireless
2) Online anonymity services above
Thanks
Posted by: Biopharmabull at December 5, 2008 9:38 PM