Q: Researching an unknown e-mail sender (Answered 5 out of 5 stars, 2 Comments)
Question  
Subject: Researching an unknown e-mail sender
Category: Computers > Internet
Asked by: knowitnot-ga
List Price: $12.00
Posted: 21 Aug 2002 09:38 PDT
Expires: 20 Sep 2002 09:38 PDT
Question ID: 56982
I need as much information as I can get about Susanjgocqlim@jakgym.se
and the nature of the suffix jakgym.se
Can you help??

Request for Question Clarification by mvguy-ga on 21 Aug 2002 12:58 PDT
You can find registration information for that domain here:
http://www.nic-se.se/cgi-bin/whois/www-to-whois?domain=jakgym.se

The owner of the domain is a high school in Järfälla, Sweden.
Information about the owner of that domain (not necessarily who is
sending out spam) can be found on its web site (currently disabled, it
appears) as seen in the Google cache:

http://216.239.33.100/search?q=cache:CO2fqKRJ5BgC:www.jakgym.se/+J%C3%A4rf%C3%A4lla+Gymnasium&hl=es&ie=UTF-8
http://216.239.33.100/search?q=cache:ynCqc2m2qhYC:www.jakgym.se/nt/personal.html+J%C3%A4rf%C3%A4lla+Gymnasium&hl=es&ie=UTF-8

What other information do you want to know?

Clarification of Question by knowitnot-ga on 21 Aug 2002 15:19 PDT
So the sender could be here in the US but could be anywhere?  Is it
impossible to trace the sender to where they are specifically?  It was
a very suspicious e-mail.
Answer  
Subject: Re: Researching an unknown e-mail sender
Answered By: mvguy-ga on 21 Aug 2002 17:25 PDT
Rated:5 out of 5 stars
 
Hi, Knowitnot-ga,

Your original question asked about a particular e-mail address and
suffix, but it appears that what you're really trying to find out is
where a particular e-mail came from.  So I'll answer your original
question first (which I already basically did above), then direct you
to a site that explains in detail how to go about finding out where an
e-mail originated.  Unfortunately, people who send out spam (and other
"suspicious" mail) can be quite good at hiding themselves, so you may
not be able to find what you want except with a court order or two
(and even then it might be impossible).

First of all, the domain jakgym.se is registered to Järfälla
Gymnasium, a school in Sweden (in Swedish, a Gymnasium is an
upper-level secondary school).  However, its Web site currently isn't
working. I suspect that's because its Internet address has been used
extensively by spammers, but I don't know for certain that's why the
site is down.

I found the owner of the domain name jakgym.se by searching on the
site used by the organization that assigns Swedish domain names (the
ones that end in .se).  You can see the registration information on
this page:

NIC-SE Network Information Centre Sweden AB
http://www.nic-se.se/cgi-bin/whois/www-to-whois?domain=jakgym.se

I also confirmed that this domain was legitimately used by Järfälla
Gymnasium by searching for that name on Google.  The school shows up
with the proper name in Google listings, but the links don't work.  By
clicking on the links marked "Cache," however, you can see what used
to be on the school's Web site.

Google search for "Järfälla Gymnasium"
http://www.google.com/search?hl=es&ie=UTF-8&oe=utf-8&q=J%C3%A4rf%C3%A4lla+Gymnasium

School's pages in Google cache:
http://216.239.33.100/search?q=cache:CO2fqKRJ5BgC:www.jakgym.se/+J%C3%A4rf%C3%A4lla+Gymnasium&hl=es&ie=UTF-8
http://216.239.33.100/search?q=cache:ynCqc2m2qhYC:www.jakgym.se/nt/personal.html+J%C3%A4rf%C3%A4lla+Gymnasium&hl=es&ie=UTF-8
 
Since it's obvious that the e-mail didn't come from the school, and
because Google researcher Pinkfreud-ga correctly pointed out that the
address has been used by spammers, I think it's fairly safe to assume
that's what happened here.  As you can see from the link below
(provided by Pinkfreud), numerous newsgroup messages have listed
addresses ending in @jakgym.se that were sent by spammers.  It's
fairly safe to assume that there's nothing special about the
particular name used in the e-mail; it is probably used as a tracking
device in case you reply or maybe just assigned at random in order to
avoid being filtered out.

Google search for newsgroup posts using @jakgym.se
http://groups.google.com/groups?num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&newwindow=1&safe=off&q=jakgym.se

It is technically very easy to send an e-mail using a false return
address.  Nearly all e-mail programs (including Outlook Express,
Pegasus and Eudora, to name a few) let you designate the e-mail
address you wish to use as your identity; it doesn't really matter as
far as the software is concerned whether or not that's your actual
e-mail address.  If you were to give me your address (please don't!),
I could send you a letter within a minute that looks as if it came
from the White House (for example). It really is no big deal from a
technical viewpoint.  And, as you suggest above, it could come from
anywhere.  (Most spammers are from the United States, but some of them
operate in other countries in order to avoid U.S. laws.)

So if you want to find out where mail with a phony originator's name
came from, what do you do?  In many cases where a fake name has been
used, you probably can't find out.  But you can find the route the
letter took to get to you, and that might give you clues as to its
origin.

The secret is in an e-mail's headers.  Almost all e-mail programs let
you look at the headers of an e-mail.  How you do it varies with the
e-mail program.  Usually there is a "Show Headers" or "Full Headers"
or "Raw View" command or something like that.  If you look through the
headers, you will see a section that indicates the Internet servers
that the mail passed through to get to you.

Here is an excellent article that explains things better than I can:

How to trace an e-mail
http://www.dfn.org/focus/internet/trace-email.htm

As you can see, it is possible to put incorrect information in the
headers, but SOME of the information will be correct.  If you go
through the steps outlined in that article, you may get blocked by
phony information soon, or you may be able to trace the mail back to
its origin or close to it.

Here's another article that also explains things, also in a less
user-friendly fashion:

Fighting E-mail Spammers 
http://eddie.cis.uoguelph.ca/~tburgess/local/spam.html

And three more:

How to Interpret Email Headers
http://help.mindspring.com/docs/006/emailheaders/

How to read Email Headers
http://www.infinitymailer.com/infinitymailer/articles/reademailheaders.asp

Reading Email Headers
http://www.stopspam.org/email/headers/headers.html

You might also be interested in some Google research that has
been done on questions that involve similar issues:

email
https://answers.google.com/answers/main?cmd=threadview&id=17915

SPAM
https://answers.google.com/answers/main?cmd=threadview&id=36807

Tracking down someone
https://answers.google.com/answers/main?cmd=threadview&id=50182

Email identity theft
https://answers.google.com/answers/main?cmd=threadview&id=14096

I hope this helps!

mvguy



Google search terms:

trace e-mail sender
http://www.google.com/search?q=trace+e-mail+sender&sa=Google+Search

domain registrar sweden
http://www.google.com/search?hl=es&ie=ISO-8859-1&q=domain+registrar+sweden

spam e-mail headers
http://www.google.com/search?hl=es&ie=ISO-8859-1&q=spam+e-mail+headers
knowitnot-ga rated this answer:5 out of 5 stars
Thank you very much.  I was very concerned and you gave me lots of good info.
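
The header walk the answer describes, as an added example that is not part of the original answer or of the articles it links to. The sample message, the `.example` host names, the documentation-range IP addresses and the `trusted_ips` set are constructed assumptions, and the pattern assumes the common "from name (rdns [ip]) by server" layout of Received lines.

```python
import re
from email import message_from_string

# Constructed sample message (not from the page): .example hosts, documentation IPs.
RAW = (
    "Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])\n"
    "\tby mailstore.recipient.example with ESMTP id A1; Wed, 21 Aug 2002 09:20:05 -0700\n"
    "Received: from school.example (unknown [198.51.100.77])\n"
    "\tby mx.recipient.example with SMTP id B2; Wed, 21 Aug 2002 09:20:01 -0700\n"
    "Received: from internal.school.example ([203.0.113.5])\n"
    "\tby school.example with SMTP id C3; Wed, 21 Aug 2002 09:00:00 -0700\n"
    "From: someone@school.example\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

# "from <name the sender claimed> (<reverse DNS> [<peer IP>]) by <recording server>"
HOP_RE = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def received_hops(raw):
    """Parse Received headers, newest first (each server prepends its own line)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP_RE.search(value)
        if m:
            claimed, rdns, ip, by = m.groups()
            hops.append({"claimed": claimed, "rdns": rdns, "ip": ip, "by": by})
    return hops

def trace(raw, trusted_ips):
    """Find the hand-off: the first peer IP that is not one of our own relays.

    The topmost header was written by our own server. While the peer it
    recorded is also ours, the next header down is trustworthy too. The first
    foreign peer IP is the last reliable fact; lower headers may be forged.
    """
    hops = received_hops(raw)
    for i, hop in enumerate(hops):
        if hop["ip"] not in trusted_ips:
            return {"handoff_ip": hop["ip"], "claimed_name": hop["claimed"],
                    "recorded_by": hop["by"], "unverified": hops[i + 1:]}
    return {"handoff_ip": None, "claimed_name": None,
            "recorded_by": None, "unverified": []}

if __name__ == "__main__":
    print(trace(RAW, trusted_ips={"192.0.2.10"}))
```

The hand-off IP is the address to look up in WHOIS or report to a provider; the claimed name and every header listed under `unverified` were supplied by the sending side and carry no weight on their own.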

Comments  
Subject: Re: Researching an unknown e-mail sender
From: pinkfreud-ga on 21 Aug 2002 09:59 PDT
 
According to numerous posts in newsgroups, jakgym.se email addresses
are frequently used by spammers (those who send out unsolicited "junk
emails"). Apparently many of these spam mails are pornographic in
nature.

Unfortunately, it is often next to impossible to track down the people
who send this sort of thing. The best that can usually be done is to
use a filter that blocks all incoming mail coming from that address or
similar addresses.

If you are interested in reading newsgroup posts that mention
jakgym.se, the link below will enable you to browse through them.

http://groups.google.com/groups?num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&newwindow=1&safe=off&q=jakgym.se
Subject: Re: Researching an unknown e-mail sender
From: bathplug-ga on 22 Aug 2002 02:57 PDT
 
There are a few websites that provide tools to track down the
addresses behind spam mail and to notify the relevant service
providers.

Check out http://www.spamcop.net which is an automated free tool with
a subscription option. (Spam must be fresh tho')

and

http://www.angelfire.com/pop/cram/spam/SMTP.htm which gives a nice
description of what goes on behind the email header
