I am trying to track an email account to determine who it belongs to. IT investigations is not my fortee! Any help for an amateur IT guy? It is a yahoo account. A client of mine received a mysterious email from this account, the emial contained a specific name on a current investigation, so it is not just a random spam.

Thanks to anyone who can offer some help or advice!

whats the email account.... ill give you all the information on that account.

All the best info comes from the headers of the message. And by "headers" I don't mean just the From, To, and Subject lines. I'm referring mainly to the real origin of the message (the first couple of "received from" headers. Just seeing a Yahoo address in the From field doen't mean it came from Yahoo.

Specifically, these headers:

Received: from wbar25.tmp1-4.28.207.175.tmp1.dsl-verizon.net (wbar25.tmp1-4.28.207.175.tmp1.dsl-verizon.net [4.28.207.175]) by wish.halo5.net (Postfix) with SMTP id 438CA472A8; Fri, 4 Feb 2005 01:26:33 -0600 (CST)
Received: from ttgh.com (EHLO asmtp-a.pas.sa.earthlink.net) dally by dram5738.253.171.4.69 (2.17.5/7.43.8) id g74YfX1206 with SMTP; Fri, 04 Feb 2005 11:22:15 +0400

Or something similar.

EDIT: My apologies for bringing back a month-old thread. Feel free to just ignore me. ;)