Locating source of incoming email

Discussion in 'Help Desk' started by VJEE, Aug 5, 2014.

  1. VJEE

    VJEE New Email

    Aug 5, 2014
    Likes Received:
    I have an incoming email where the original sender has used a hotmail account. How do I get the source in terms of actual location(country or city). From the headers I am not able to locate the senders IP address. Only hotmail servers in USA are showing up. The original email(hotmail one) is forwarded from our own gmail mail account. Please guide me.

    The headers are as follows:

    Return-Path: <kuldeepkhurana2007+caf_=nascousa=aol.com@gmail.com>
    Received: from mail-lb0-f171.google.com (mail-lb0-f171.google.com []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mtaiw-mae:)01.mx.aol.com (Internet Inbound) with ESMTPS id 5785B70000086 for <nascousa@aol.com>; Tue, 5 Aug 2014 14:40:38 -0400 (EDT)
    Received: by mail-lb0-f171.google.com with SMTP id l4so1080611lbv.30 for <nascousa@aol.com>; Tue, 05 Aug 2014 11:40:38 -0700 (PDT)
    Received: by with SMTP id ey6csp377140ldc; Tue, 5 Aug 2014 11:40:36 -0700 (PDT)
    Received: from BLU004-OMC2S18.hotmail.com (blu004-omc2s18.hotmail.com. []) by mx.google.com with ESMTPS id qm2si2775950pac.149.2014. for <kuldeepkhurana2007@gmail.com> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 05 Aug 2014 11:40:35 -0700 (PDT)
    Received: from BLU178-W22 ([]) by BLU004-OMC2S18.hotmail.com with Microsoft SMTPSVC(7.5.7601.22712); Tue, 5 Aug 2014 11:40:33 -0700
    X-Google-Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-original-authentication-results:delivered-to:message-id :content-type:from:to:subject:date:importance:in-reply-to:references :mime-version; bh=pua6k08TYkuDhEFMK+GX0Q2rAgKXLGFujXAMVtZfU5M=; b=Q/TeF62hkqyYtT/np43FKSreoOiVFrarY5HY2/fPjREUEBeMqDiQttVs1NrnDbvZM4 yw7kqZz6Qp0LcXjpEsrc5jb1aItaP2XS2k3rz1w17aSJDbaylNWyCb1mrI/5EGQw+NnS Ex6njnJjtSsPKRZn7XzrxCKW2hf3DGNncozCXP87esJWZpbE6HqHKDg/QA6yo0ow9R8e X7M4OsCG+5lHQWncDpYeWQJwSsJ3eU0Eu61KqCjycsiOSu+6ewB1HERQHh1BJtJlEBle U7bd5cBgG2tyz/vT/RE1JAhtbk48nl/QOawo/gAzPhSeKdbiHBWJkzwKO7bbcJI2+qKp H2KA==
    X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of aanchalkhurana@hotmail.com designates as permitted sender) smtp.mail=aanchalkhurana@hotmail.com
    X-Received: by with SMTP id wr2mr5908135lbc.10.1407264038067; Tue, 05 Aug 2014 11:40:38 -0700 (PDT)
    X-Received: by with SMTP id x9mr6259295pdi.27.1407264035384; Tue, 05 Aug 2014 11:40:35 -0700 (PDT)
    X-Forwarded-To: nascousa@aol.com
    X-Forwarded-For: kuldeepkhurana2007@gmail.com nascousa@aol.com
    Delivered-To: kuldeepkhurana2007@gmail.com
    Received-Spf: pass (google.com: domain of aanchalkhurana@hotmail.com designates as permitted sender) client-ip=;
    Authentication-Results: mx.google.com; spf=pass (google.com: domain of aanchalkhurana@hotmail.com designates as permitted sender) smtp.mail=aanchalkhurana@hotmail.com
    Authentication-Results: mx.aol.com; spf=pass (aol.com: the domain gmail.com reports as a permitted sender.) smtp.mailfrom=gmail.com; dmarc=fail (aol.com: the domain hotmail.com reports that Neither SPF nor DKIM align.) header.from=hotmail.com;
    X-Tmn: [Kcq6YUbdy55o8x8J2u5ied7nfIONeqPv05Nv/GrYxRo=]
    X-Originating-Email: [aanchalkhurana@hotmail.com]
    Message-Id: <BLU178-W2215573D3063390A4FC8C5CDE30@phx.gbl>
    Content-Type: multipart/alternative; boundary="_63ee02e8-8306-4fb2-8cda-10c44c7a77e6_"
    Importance: Normal
    In-Reply-To: <CAFtCOE9st07p6wwg=j3jKtMCzZq4qO-ts7nhfsYBPmKrq60TTQ@mail.gmail.com>
    References: <CAFtCOE-NT18stbtUtLPJhi6WmaD1iyxh9_tcD+uhq=MNCDJYZg@mail.gmail.com>,<BLU406-EAS73C57977B5E79B32D9433CDF10@phx.gbl>,<CAFtCOE9snaYiGMomeFi63mObhw_Zod0dAnf3VbYE2nN0PBurXg@mail.gmail.com>,<BLU406-EAS31998041BE44951E7CEA0E3CDE70@phx.gbl>,<CAFtCOE9eeaFLi4vE7V+aosFgn1VxSkDUzbpOYV_TxYwFXC61Hw@mail.gmail.com>,<BLU406-EAS366253E577A1B37431B060DCDE50@phx.gbl>,<CAFtCOE9st07p6wwg=j3jKtMCzZq4qO-ts7nhfsYBPmKrq60TTQ@mail.gmail.com>
    Mime-Version: 1.0
    X-Originalarrivaltime: 05 Aug 2014 18:40:33.0524 (UTC) FILETIME=[BD7A5B40:01CFB0DC]
    X-Aol-Global-Disposition: G
    X-Aol-Scoll-Dmarc: mtaiw-mae01.mx.aol.com ; domain : hotmail.com ; policy : none ; result : F
    X-Aol-Sid: 3039ac1afe8753e125266e52
    X-Aol-Spf: domain : gmail.com SPF : pass

  2. popowich

    popowich EQ Forum Admin Staff Member

    Aug 12, 2008
    Likes Received:

    Hotmail & Outlook.com don't show the senders IP address in the headers anymore.

    Law enforcement might be able to obtain the information from Microsoft with a subpoena, but it's not information that regular users can obtain on their own anymore.

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.