There are many tools available to help track down the source of Spam.

• Ping: Ping is a tool that sends a packet to the remote site and listens for the return echo. It will tell you the IP Address, Host Name, and time of the packet round trip along with some other info. Ping is included with Windows, Windows 95/98 and Windows NT. You can use it by typing from the MS-DOS Prompt: ping (IP address) or ping 111.222.333.555 for example. You can use ping (host name) or ping www.microsoft.com for example and ping will use your DNS service to look up the address. If you have the IP address however use that since Spammers can disguise the host name. Using a graphical toolkit like Cyberkit will make using ping and other tools easier.
• Finger: Finger is a tool that queries the host machine and asks for information about the user. You send the user's email address as the query. Finger tends to be slow if it works at all. Sites often turn off finger to maintain user privacy. Finger is not included with Windows but is found in the various toolkits. Sipb.mit.edu maintains a list of active Whois servers which you can obtain by sending the request 'Whois-Servers'(Whois-Servers@Sipb.mit.edu) .
• Whois Whois is a tool that queries one of a number of Internet Whois servers for information about the site from the InterNIC database. This data can be quite out of date. Whois is not included with Windows but is included with the toolkits.Sipb.mit.edu maintains a list of active Whois servers which you can obtain by sending the request 'Whois-Servers'(Whois-Servers@Sipb.mit.edu) . I find whois.arin.net the American Registry for Internet Numbers for the US to be the most useful. You query the whois server using the first three sets of numbers from the IP address. For instance if the IP address is 260.111.222.123 you would quesry the whois server using 260.111.222
  Whois is not included with Windows but is generally included with any of the toolkits.
• Name Server Lookup: NS Lookup will take an IP address and look up the name in the Domain Name Server. You will get the same information that Ping gives you.
• Trace Route: Trace Route or as its commonly known tracert will show all the systems that a message from your system traverses on its way to a destination system.

---

• Sam Spade web site: this site has most of the tools you'll need to track down Spam: ping, nslookup, finger and so on.
• CyberKit includes a full set of tools that run from your system.