Abstract: E-mail is electronic mail used to send files, pictures, and others easily and quickly. However, as time goes by, there is a lot of misuse of e-mail, causing inconvenience to the recipient. One of them is spam e-mail sent to many people without prior permission from the intended owner. Hackers can forge e-mail headers anonymously for malicious purposes. The research object is to simulate sending spamming e-mails to 1 victim with a total of 40 spamming e-mails. The research follows the flow of the Network Forensics Development Life Cycle (NFDLC) method with the stages of initiation, acquisition, implementation, operation, and disposition. Simulation of sending e-mail using easy e-mail spammer tools and testing of e-mail using Wireshark tools. The test results show that 40 e-mails were successfully received or entered into the victim's inbox, and the test was successfully carried out by getting results based on predetermined parameters. The parameter is the IP address of the sender or spammer found is 72.125.68.109, the victim's IP address is 192.168.1.12.