Hi all,
Does any one know how obtain a ip address from mail id (123@123.com).
Hi Malinda,
If all you have is the email address, then you can't determine the IP address of the person who sent the email (as far as I'm aware).
If you have an email that they sent (specifically, the headers of that email), then there are usually some clues as to their source IP (e.g. the Received headers, and sometimes an X- header added by webmail clients).
-s
Insted of reading mail header cant we get ip address using mail ID..
Any other alternative way ???
The email address (xxx@yyy.zzz) only specifies which server to deliver mail to (the server returned by an MX query for yyy.zzz) and which user on that server (xxx). An email address alone cannot give you the client IPs that have sent mail from that address.
If you have either the headers of the email your client received, or mail logs from an intermediate server that relayed the email, you might be able to get more information.
-s
Ohk, i thought there is a way..
Thanks for the helping hand..
Insted of reading mail header cant we get ip address using mail ID
The mail ID string is assigned by the handling server. You'd have to get cooperation of the owner of the server to begin using that. It's been a while since I worked in an ISP so I don't know what the current requirements are under the Patriot act, etc but we never traced activity by mail ID. It would have been pretty hard for us to comply if we had ever gotten such a request.
It's been a while since I worked in an ISP so I don't know what the current requirements are under the Patriot act, etc but we never traced activity by mail ID. It would have been pretty hard for us to comply if we had ever gotten such a request.
If you're using postfix, and have the relevant day's /var/log/mail.log (Debian's naming convention), you can trace the from/to information by message-id pretty easily.
True, just don't know if ISPs are required to keep the mail.log now. We didn't 7 years ago.
1/ tracert (Traceroute) 123.com will get the ISP's server
2/ check the header of the email for HELO it will have the IP
3/ email the address in such a way you'll get a response then check the HELO address or
4/ check your ISP's mail logs
5/ google the email address and see what turns up
6/ deja (google groups) the email address
if your law enforcement you can get the sending ISP to send you their mail logs - match the sending times
Or just send an e-mail to the address with a pixel bug, or external CSS file, or a greating card, or ….etc. etc.