Tracing Emails To Their Source Website

Every now and again I get a real email but have no idea who it’s for. It’s actually more common than I’d like to admit. The only thing identifiable is that it came from a WordPress site running Gravity Forms, something like the following.

sample-email.png

Most times this happens due to a misconfigured email notification or a site admin email address which was never updated to the client’s email. Finding which website this email came from is necessary in order to solve the problem and prevent it from happening again.

Tracing emails to their sending domain

In order to trace this email to its source website, you need to look at the original email. Within Gmail it’s a simple dropdown option.

show-original

This will show the full raw email contents. There is a lot of information, most of which is not all that useful to look at. The one important line is the Message-ID header. There might be multiple Message-IDs; just find the one which ends in a domain name. Emails coming from my website will display mg.anchor.host, as my website uses Mailgun, a 3rd party email service. That would look something like this:

Message-Id: <20160629123031.14089.58300.5AC5EFD0@mg.anchor.host>
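The same lookup can be scripted when there are many stray notifications to sort through. The following is an added example, not part of the original post: it reads a raw message (the text Gmail displays under "Show original"), collects every Message-ID header, and keeps only those whose right-hand side looks like a domain name. The function name, the regular expressions and the sample message are assumptions made for illustration; only the second Message-Id value is taken from the post.

```python
import re
from email import message_from_string

# A Message-ID has the form <left-part@right-part>; capture the right-hand side.
MSGID_RE = re.compile(r"<[^<>@\s]+@([^<>@\s]+)>")
# "Ends in a domain name": dot-separated labels followed by an alphabetic TLD.
DOMAIN_RE = re.compile(r"^(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}$", re.I)


def message_id_domains(raw_email):
    """Return the domain of every Message-ID header that ends in a domain name."""
    msg = message_from_string(raw_email)
    domains = []
    # Header lookup is case-insensitive, so this matches Message-ID and Message-Id.
    for value in msg.get_all("Message-ID", []):
        match = MSGID_RE.search(str(value))
        if match and DOMAIN_RE.match(match.group(1)):
            domains.append(match.group(1).lower())
    return domains


# Constructed sample message. The first Message-ID is made up and does not end
# in a domain name; the second is the value shown in the post.
SAMPLE = """\
Received: from mail.example.net (constructed sample)
Message-ID: <constructed-0001@localhost>
Message-Id: <20160629123031.14089.58300.5AC5EFD0@mg.anchor.host>
From: WordPress <wordpress@example.com>
To: admin@example.org
Subject: New submission from Contact Form

Name: Jane Doe (constructed body)
"""

if __name__ == "__main__":
    for domain in message_id_domains(SAMPLE):
        print(domain)
```

When a site sends through a 3rd party service such as Mailgun, the result is the sending subdomain (here mg.anchor.host), which still points back to the website that needs its notification settings fixed.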