Spam Investigation Toolkit

Posted in Notes Spam on 4 October 2022

Tools to help identify and engage spammers.

I’m often asked what tools are best to use to identify spammers, there are plenty of free tools online that work just as well as the more expensive paid-for tools, or command line tools that most people use. Here’s a quick run down and what to look for…

Annoying or Malicious?

While it’s all spam it is important to clarify that there is a difference between unwanted emails and a scam. You may not want a company to email you without your permission, this is annoying but not necessarily malicious. A scam email is deliberately attempting to fool you into providing personal information to defraud you.

Never engage with spam which is attempting to get personal, financial or company information

Where you should engage is with an otherwise reputable company, which should know better than to send spam.

DNS Lookup

A DNS Lookup will help you determine the ownership of the server an email address or website is hosted on. You will normally find a lazy spammer will attempt to hide where the email is coming from while linking directly to their website. Others will only use a temporary landing page further hiding the spammer.

Start by looking up the domain in the email address, then the domain in the linked websites. Make a note of any A-Records, these will be useful for identifying the host of the website.

DNS Lookup 2

Additionally, you may want to run any domain names you encounter through, and use the “MX” records search for any domains you’ve encountered to see what email services are being used. The “A” record search against the domains will provide you with more IP addresses to look up below.

IP Lookup

An IP lookup will help you pinpoint the hosting infrastructure and mail system used by the spammer. Typically, a spammer will use a different server for their website hosting from their SMTP (email sending) server. If they’re not very good they’ll use the same for both.

Using the IP addresses identified in the DNS lookup, you’ll be able to identify the companies used by the spammer. You should contact these companies directly to alert them to the spammers using their services.

Black List Check

This is a tool from MX Toolbox that allows you to check if a server IP or domain name has been blacklisted for various reasons. You most likely won’t receive mail from a blacklisted domain. Usually, your email provider will use multiple blacklists to determine if something is spam, suspicious or malicious.

Engaging with Spammers

You should always think twice about engaging with spammers. But, this can be useful later. You should only engage for as long as you feel comfortable. You’ll find the longer they engage the more information will become available for your investigation.

If you post about the incident on a public website, they’ll not be happy. But the thickest amongst spammers will email you back on the address they spammed you on to complain, thus confirming their complicity.

  • Only use the email address they spammed you on
  • Don’t provide any “real” personal information
  • Keep records and follow up with the hosting/DNS/email provides you’ve identified
  • Any threats should be reported to your local police/authorities


Spam is illegal in most jurisdictions, however, the laws change region by region. Keep records of your investigation, A quick way to dismiss any complaints to a hosting company is to provide them with a link to your post or a shared document.

The teams that deal with abuse complaints at hosting companies also deal with the spam complaints, so they’ll always be on your side, not the spammers, no matter how much they complain!

Related Notes Posts

May 2024

Email and newsletter deliverability best practice

Email deliverability refers to the ability of an email to successfully reach the recipient's inbox, rather than being marked as spam or bouncing back. High... Continue reading

February 2024

Animated SVGs (Scalable Vector Graphics)

Animated SVGs, Scalable Vector Graphics, are increasingly popular choices for adding dynamic elements to websites. Their scalability, lightweight nature, and flexibility make them attractive options... Continue reading

December 2023

Using Scalable Vector Graphics (SVGs)

Scalable Vector Graphics (SVGs) have revolutionised website design, offering unparalleled flexibility, scalability, and interactivity. As versatile graphic elements, SVGs can enhance the visual appeal and... Continue reading

More Notes Posts

Related Spam Posts

January 2023


These are spammers who use URLs to mask the URL of their malicious websites. They purport to be a link building service, but in... Continue reading

November 2022

Spammers: Housing Secrets

**Housing Secrets** are a dodgy looking blog for a real estate agent. I encountered them when they spammed the contact form on my website (for... Continue reading

October 2022

Spam Investigation Toolkit

Tools to help identify and engage spammers. I’m often asked what tools are best to use to identify spammers, there are plenty of free tools... Continue reading

More Spam Posts