windy:

it's pretty easy.
bring up advanced options on the imposters message
and you can see items like:

Message-ID: text here
NNTP-Posting-Host ip address: here
X-Trace: information here
Organisation: NTL

various bits of information that can be used to traced back.

Doesn't always point to the person that is doing it though, some people
even manage to work around that.
That will be down to the legal team and the ISP in question when they
investigate