Topic: How do I find the IP address of the person who sent me an email via Hotmail?

Offline wifeydoddley

Hello,

I need to find the IP address of a person who sent me an email from their Hotmail account, but I don't know where to start looking.  Does anyone know where I'll find it?

I'm hoping that once I have their IP address that I can then get their home address somehow from that?   

Hope someone can help me  ;)

Emma

Offline SKaero

There will be an IP address in the header of the email, but it will most likely be a Hotmail mail server, not the IP address of the actual person who sent you the email. Even if you have the IP address of the person who sent the email, that wouldn't allow you to find the person's actual address; only the ISP would have that information, which they wouldn't hand out without a court order.

Offline BroadwayLion

LION does not know about other websystems, but him just looked at a message sent to himself from a gmail account, and him looked at the message source. To do this in RoundCube, there is a little down arrow at the far right of the abbreviated message header which will reveal the entire header, and this information includes the fact that it was sent by a gmail account, AND the IP numbers that gmail received this information from.
At this level of network protocols, only IP numbers are used. However, there should be a header marked "Reply Path" which should have the sender's name IF that name was provided to gmail (or Hotmail) when that account was set up. That line is:
Return-Path: <broadwaylion@gmail.com>
Obviously that line may be blank or forged or irrelevant, such as for a user that wants replies to go to a different account.

The Line of interest is:
Received: from [192.168.42.69] (10G-N-Static-1-3.ctcinet.com. [173.241.180.3]) by smtp.googlemail.com with ESMTPSA id l5sm12717242oej.12.2015.10.06.10.11.53 for <elias@assumptionabbey.com> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 06 Oct 2015 10:11:54 -0700 (PDT)

Where the IP address 192... is my personal computer inside of our network, IP address 173... is our static IP address provided by our internet provider.

Now, I do not know if this information is preserved by your ISP provider when he forwards the message to you. Mail to our system is first sent to AppRiver who vets all incoming mail for spam. (We use AppRiver as our MX) If it passes their tests, they forward the messages to our server (hMailserver) for distribution to our users. RoundCube is on this server to provide web access to our users, and works directly with our mail server.
AppRiver preserves all incoming headers and includes them.

Both AppRiver and our servers preserve this information and include it in the received headers. Your ISP may not do this. It is part of the envelope that some protocol stacks strip away. It is only preserved if the servers handling the transaction preserve it in the message source. Some apparently do not bother.

Elias
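
Added example (not part of the thread or any poster's code): a Python sketch that reads the Received headers of a message and labels each bracketed address as private or public, using the Received and Return-Path lines quoted in the post above. The Subject line, the body and the function name received_hops are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Received and Return-Path are the lines quoted in the post above;
# the Subject line and body are constructed for this example.
RAW = """\
Return-Path: <broadwaylion@gmail.com>
Received: from [192.168.42.69] (10G-N-Static-1-3.ctcinet.com. [173.241.180.3])
 by smtp.googlemail.com with ESMTPSA id l5sm12717242oej.12.2015.10.06.10.11.53
 for <elias@assumptionabbey.com> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Tue, 06 Oct 2015 10:11:54 -0700 (PDT)
Subject: test

body
"""

# Address literals appear in square brackets in the "from" clause.
BRACKETED_IP = re.compile(r"\[([0-9A-Fa-f:.]+)\]")


def received_hops(raw):
    """Return one dict per Received header, newest hop first (header order)."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())           # unfold continuation lines
        by = re.search(r"\bby\s+(\S+)", flat)    # server that recorded this hop
        from_part = flat.split(" by ", 1)[0]     # only the "from ..." clause
        addrs = []
        for token in BRACKETED_IP.findall(from_part):
            try:
                ip = ipaddress.ip_address(token)
            except ValueError:
                continue                         # bracketed text that is not an IP
            # Private (RFC 1918 etc.) addresses identify a LAN host, not a
            # routable endpoint; public ones are what the receiving server saw.
            addrs.append((str(ip), "private" if ip.is_private else "public"))
        hops.append({"by": by.group(1) if by else None, "addrs": addrs})
    return hops


if __name__ == "__main__":
    for hop in received_hops(RAW):
        print(hop["by"], hop["addrs"])
```

Only the hop written by your own mail provider is recorded by a server you have reason to trust; anything below it in the header list was supplied by the sending side.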