Yahoo! E-mail Header Mix-Up

SmackTack

New Email
I've been searching everywhere to find information about Yahoo! Mail headers and their possible flaws. Here's the issue:

I receive e-mails from many people outside the United States and just recently it's been brought to my attention that some of these people might be claiming to be in a certain part of the world when, in fact, they are located elsewhere. I understand that there will be several "received from:" lines within the header and the one with the earliest time stamp generally reveals the IP Address of the sender. When I do a geo-location of that IP address it is most often nowhere near the supposed location of the actual sender.

Can someone explain this? Does Yahoo! Mail have issues with referencing the correct IP Address for international e-mails? It's been making me insane for days! Also, I want to add that these e-mails are not spam and I don't suspect any IP masking, etc.

Any help would be appreciated. Thanks.
 

popowich

EQ Forum Admin
Staff member
Hello,

Do you have some headers to copy/paste?

Headers can be forged. You can only trust headers created by mail servers that you trust.

Sometimes spammers add extra headers at the beginning to throw you off when reporting them.

:welcome: to Email Questions!
 

SmackTack

New Email
Here's a copy of one of the headers: IPs and E-mail addresses are changed for privacy. Any comments? Perhaps the time stamps might be able to tell where the e-mail originated? I don't believe this is spam. Also, this particular e-mail was sent from an iPad.

From sender e-mail Sat Jan 28 12:01:46 2012
X-Apparently-To: my e-mail via IP1; Sat, 28 Jan 2012 12:01:55 -0800
Return-Path: sender e-mail
Received-SPF: none (domain of yahoo.com does not designate permitted sender hosts)
X-Originating-IP: [IP2]
Authentication-Results: mta1292.mail.sk1.yahoo.com from=yahoo.com; domainkeys=pass (ok); from=yahoo.com; dkim=pass (ok)
Received: from 127.0.0.1 (HELO nm30-vm0.bullet.mail.ne1.yahoo.com) (IP2)
by mta1292.mail.sk1.yahoo.com with SMTP; Sat, 28 Jan 2012 12:01:54 -0800
Received: from [IP3] by nm30.bullet.mail.ne1.yahoo.com with NNFMP; 28 Jan 2012 20:01:53 -0000
Received: from [IP4] by tm6.bullet.mail.ne1.yahoo.com with NNFMP; 28 Jan 2012 20:01:53 -0000
Received: from [127.0.0.1] by omp1035.mail.ne1.yahoo.com with NNFMP; 28 Jan 2012 20:01:53 -0000

Received: (qmail 79369 invoked from network); 28 Jan 2012 20:01:53 -0000

Received: from [IP5] (sender e-mail@IP6 with xymcookie)
by smtp116-mob.biz.mail.ne1.yahoo.com with SMTP; 28 Jan 2012 12:01:52 -0800 PST
Subject: Subject
From: sender e-mail

Date: Sat, 28 Jan 2012 13:01:46 -0700
To:my e-mail
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
 
Top