I was reading the discussion about the trolls and have a question of my own. My daughter and her friend are being "stalked" so to speak by someone who sends them emails and recently set up a web page about my daughter and her friend. They are not threatening, but they are mean, hateful, etc.. This has been going on quite a while. My daughter and her friend went away to college and it still continues. They contacted the police, but since it is not threatening and not dozens of contacts a day, etc. etc.. they are unable/unwilling to help.

Some of the emails are weird, ie Edgar Allen Poe-ish. Many times, they just change one letter in a "known"email address and use that to contact them. They have even e-mailed my daughter still at home PRETENDIND to be my other daughter and her friend at college.

Anyway, how would I go about tracing these? Is is possible? I am not too computer =saavy, so you will have to lead me step-by-step. We have tried blocking the sender. We have printed them out, but deleted them off the computer. However, they will get more, I'm sure. I am particularly interested in tracing the web page. Thanks for all your help. I feel I am on my own on dealing with this. My daughter is not scared, but my husband and I are not liking this at all. We thought the person would just lose interest, but not so far. It will die down for awhile, but then pick up again. Thank you all for your help.

-- conniein nm (karrelandconnie@msn.com), November 17, 2001

Answers

Connie have your daughter talk to the computer department in school .It has to be filled with "geeks" that would love to be her hero and help.

-- Patty {NY State} (fodfarms@slic.com), November 17, 2001.

Connie -- first of all, do NOT allow this to be pushed aside. Online stalking is as serious as physical stalking. Contact your ISP and ask for their help. Then contact the local police and INSIST they get involved -- lots of times the police are grossly overworked and tend to take their cue from you on the seriousness of a complaint like this -- if you don't insist, they figure it isn't really that serious.

Alternatively, if you have the name of the website about your daughter and her friend, you can find out who owns it. Go to http://www.netsol.com/cgi-bin/whois/whois/ and type in the name of the site. It will then tell you who owns it.

Good luck!

-- Tracy (trimmer31@hotmail.com), November 17, 2001.

You can set headers in some e-mail servers such as yahoo or hotmail. just go to options. I leared this a few yrs back when i was getting stupid porn e-mauils in my hotmail speaking of which., anyone who has hotmail, do you get a ton of these too? some of my friends who have it do.

anyways, get the full headers then report it to their abuse e-mail or else contact your server. hope this helps, cause they need headers to trace, fulkl headers as it traces the originating e-mail addys.

-- Bernice (geminigoats@yahoo.com), November 17, 2001.

I get at least 10 porn sites in my hotmail account daily.I block them but the keep getting new addy's.

-- Patty {NY State} (fodfarms@slic.com), November 17, 2001.

Read in readers digest about a year ago about computer gaurdian angels [ people who know computers well] who help people who are harassed on the internet.You could check with readers digest.

-- kathy h (ckhart55@earthlink.net), November 17, 2001.

You can set hotmail to only receive email from people actually in your address book.

-- Rose (open_rose@hotmail.com), November 17, 2001.

You can always trace where an email comes from with a little bit of work. Then you just send an email to that isp. Address is as 'abuse@whatever' .

Below is one link to help you. I haven't figured out how to do clickable links here. Sorry.

http://eddie.cis.uoguelph.ca/~tburgess/local/spam.html

-- pc (jasper@woof.com), November 18, 2001.

Haven't you got that sorted out yet? If necessary, talk insistently to the FBI - the internet is nearly by definition interstate - at least until proven otherwise. Talk cyberstalking of young college girls to whoever you speak to - FBI or ISP or whoever - and they should pay attention.

Now, the site jasper or pc or whoever gave you is really quite good information - terrible colour scheme, but good info. Finf whatever the way is to show headers on your email. Towards the end he starts talking Unix commands, and that's probably not much good to you, but by then you should have got the raw info you need. You can feed it into the whois enquiry at various places, but one I've found comprehensive and easy to use is at http://www.arin.net/whois/ . This will almost certainly not tell you who is sending the email; but as the site jasper recommends says, it will tell you which site (probably ISP) it is coming from, and you can then send a message to "postmaster" at that site and they can find out who is sending the messages.

This also explains why what you have done so far is destroying the evidence. There was a lot more in those messages than you printed out, but you've destroyed it now. Sort of like getting letters in the mail, taking photocopies, burning the originals, then expecting the police to get fingerprints from the copies, or finding out where the original paper was sold. OK, you didn't know - now you do. Stop destroying the messages - you need the originals. With those saved, you can then ask the postmaster of the ISP where the messages are originating what to do to get the information to them.

This person has a warped perception of what is acceptable, and what the results of their actions are. It's even worse if it's more than one person. There may be no intent to actually injure or rape someone, but at this stage you don't know that, and you do know those are possible outcomes from this sort of behaviour. Get it sorted, and be VERY VERY insistent the people you talk to take those possibilities into account, and that they realise you're holding them responsible for the results if they ignore your concern. Make sure your daughter and her friend also appreciate that you want the matter treated seriously because of these possibilities. Let them think you're a neurotic old woman if they like, but make sure they realise that if that's the case then you're still a neurotic old woman who can muster a lot of support if you need to, and that the easiest way through the problem will be to get the situation sorted so you'll relax, rather than for them to try to ignore it. Of course, it wouldn't hurt if they realise that the reason you can muster a lot of support on the rare occasions you elect to do so is because you've lived longer than they have, seen more than they have, have a lot more experience than they have, and in fact can draw on your experience to envisage possibilities they have never imagined. In fact, you may have been sheltering them from some of the seamier elements of life (and believe it or not, they may be trying to do the same for you now). Get it out in the open, DON'T let the subject lapse, and get it SORTED!!!!! PLEASE?

-- Don Armstrong (darmst@yahoo.com.au), November 19, 2001.

As many have suggest you can trace the email sent to you, however you will find that in 90% of the cases it will lead you to a deadend. Most of the porn mail being sent is being sent from bogus accounts on valid ISP, mainly aol,att,etc. They know people are trying to trace them. Its easy to forge an email from whover you want with minial work. THe spammers user random names and reply to addresses.

The best way is to block on subject matter Block sex, home loan, investments and you will catch a lot of the mail. It does require you to have some valgur words in your filters but you can block a lot of the email. I block over 50 messages/week using filters. Some still get through though.

The case of the web site about your daughter, I would be concerned. There you have a tanagable web addreess to search on. Contact that ISP about the web site. Without any direct threats you might find it not illegal to have a web site about someone else but I would at least contact the police.

-- Gary (gws@redbird.net), November 19, 2001.

Just an FYI - I saw on a news show that those boys responsible for the Columbine incident had a web page and on that web page they indicated their sheer hatred for a few other kids.... and those kids listed on their website were some of the kids who were killed.

Someone having a website about your daughter is not normal, rational behavior.

-- Shannan (JanuaryGem2@aol.com), November 19, 2001.

Connie,

Don is correct about the 'eveidence' issue.

If you don't want to look at the stuff, make a folder and stuff it in the folder, this will also simplfy the 'evidence' sorting later.

when looking at email, select the 'view source' feature, this shows all the places the message came and went from to land in your mail box. the top is the most recent machine - it reads bottom to top.

you may notice the reply-to: is differnet than the from: the from is the actual sender.

All ISPs have an obligation to stop STALKING, and that is what this is!

If you want email me a couple letters, cut and pasted from the ctrl-u [view source page]. And the link to the web page. I will point you in the corrrect direction.

Perry

-- (perry@ofuzzy1.com), November 19, 2001.

Tracing an e-mail message

============================================

To trace the e-mail you have to look at the header. Most mail readers do not show the header because it contains information that is for computer to computer routing. The information you usually see from the header is the subject, date and the "From" / "Return" address. About the only thing in an e-mail header that can't be faked is the "Received" portion referencing your computer (the last received).

You will need to take a look at the headers on the message as follows :

Claris E-Mailer - under Mail select Show Long Headers.

Eudora (before ver. 3) - Select Tools , Options... , then Fonts & Display then Show all headers

Eudora (ver. 3.x, 4.x IBM or Macintosh) - Press the BLAH button on the incoming mail message

For Mac Eudora 4.x, hitting the following will cause Eudora to alter its default setting so that BLAH will be automatically selected for all new email received after this switch is set:

x-eudora-setting:123=y When checked, Eudora will show all the headers from messages, not just an abbreviated set.

HotMail - To expose the full message header, click "Options" on the Hotmail Navigation Bar on the left side of the page. On the Options page, click "Preferences." Scroll down to "Message Headers" and select "Full."

For Lotus Notes 4.6.x - From the menu bar, select Actions, then Delivery Information. Copy the information from the bottom box into your e-mail report at the top of the spam.

For Lotus Notes R5 - From the menu bar, select Actions, then Tools, then Delivery Information. Copy the information from the bottom box into your e-mail report at the top of the spam.

MS Outlook - Double click on the email in your inbox. This will bring the message into a window. Click on View - Options. You can also open a message then choose File....Properties....Details.

MS Outlook Express - Alt-Enter, or Alt-F then R.

MS Outlook Express - More Detailed:

To look for, copy and send headers In Outlook Express

1- Press CTRL F3

2- Press CTRL A

3- Press CTRL C

4- Press Alt F4. (At this point the message is already copied)

5- Open a new message. Right click and paste or select Edit and paste.

Netscape 3 - In the mail viewing window: Options Show Headers All - When all the headers are displayed in the NS3 mail window, they are formatted. This is much more readable than the display in a text editor such as Notepad.

Netscape 4.xx - Double click on the email in your inbox. Click on View - Headers - All.

PINE - You have to turn on the header option in setup, then just hit "h" to get headers.

Yahoo - 1.Log into your Yahoo! Mail account.

2.Click the "Options" link on the left-hand navigation bar.

3.Click the "Mail Preferences" link on the right.

4.Locate the Show Headers heading and select "All."

5.Click the "Save" button to put your new settings into effect.

Another way to show you how to display headers, please see (with some good screen shots):

http://www.wurd.com/eng/ABCs/ms_headers.htm - MS Outlook Express and Internet Mail

http://www.wurd.com/eng/ABCs/mac_headers.htm - MS Outlook Express for the Mac

http://www.wurd.com/eng/ABCs/ns_headers.htm - Netscape Messenger or Netscape Mail

Programs that do not comply with any Internet standards (like cc- Mail, Beyond Mail, VAX VMS) throw away the headers. You will not be able to get headers from these e-mail messages.

In Pegasus to view the full headers for each message, use CTRL-H. This will show the full headers for the particular message, but will not add them to any reply or forward. You need to cut/paste the message into the reply/forward to send these headers.

Best of luck with tracking them down

-- Darren Griffin (darren.griffin@eircom.net), February 08, 2002.