Note: The following example is one of many ways to go about this process...
Look at the spam and determine what is being advertised and who is offering the product or service.
Create a folder on your hard drive and name it the advertiser's name. (For Example: "XYZ.com")
Create a folder inside the first one and name it "Evidence".
Create another folder in the Evidence folder and name it "Spam".
The "Header" is at the top of the email, and contains such information as the date and time it was received, the Subject Line of the email, the sender's name and email address, and the recipient's name and email address. Expose the "Full Header" information in the email. In most cases this can be accomplished by selecting "Show Full Headers" under the "View" menu, but your email client may vary. (For Example: In Yahoo!mail, you select "View Full Header" under the "Actions" button. Note: we have not discovered any way to view Full Headers within the gmail system, but we are open to ideas.)
Note the Date and time the the email was sent. (For Example: "Wed May 11 14:10:22 2011")
Create a folder inside your Spam folder and give it a name based on the date and time sent. (For Example: "201105111410" Note: You may well get multiple spams per day from the same spammer, so your folder's name should include the time down to the minute!)
Go back to the exposed Full Header, select all, and copy. Then open your favorite basic word processing program (we suggest something like "word pad" for Windows or "textEdit" for Mac), and paste. Print the document and file it in a manila folder labeled with the Company Name & "Evidence" (For Example: "XYZ.com - Evidence"). Save the document as a .txt file in the date/time folder you created before. Include the word "header" in the name (For Example: "201105111410header.txt").
Go back to the spam message itself and print it just as it looks on the screen. File this in your "Evidence" folder. Save a digital ."pdf" copy of the rendered spam message if you can, and include the word "rendered" in the name (For Example: "201105111410rendered.pdf" Note: Depending on your operating system, you may have to purchase Adobe Distiller or some other PDF creation software. On a Mac with OSX, you can simply select "Print" from the "File" menu, but instead of printing, select "Save as PDF" from the "PDF" button.)
Expose the "Source Code" for the email. In most cases this can be accomplished by selecting "Page Source" under the "View" menu list, but your email client may vary. Copy the full source code, paste it into a text document, and save this document to the same folder you've been using, adding the word "source" to the name (For Example: "201105111410source.txt". Note: Source code can take several pages to print out, so in order to conserve paper and ink, we recommend holding off on printing it unless it becomes necessary later on in the litigation process).
Go back to the spam message and click on the target in the email (the link to the advertised product or service). This should open a browser window and take you to the advertiser's webpage. Print a copy of the page and file it in your "Evidence" folder, then save a digital ".pdf" copy of the advertiser's web page if you can (For Example: "201105111410target.pdf").