• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 269
  • Last Modified:

Timezones Defy IP Address Locators in Mail Headers, which are correct?

I received an anonymous e-mail message that contained an attachment that no one should have seen but a small group of people. The e-mail was addressed to me directly and came from a generic g-mail account.

When I first started parsing the message headers, I noticed that the time zones indicated that the first couple of hops happened in the Pacific Standard Time zone and then one or two hops in the Mountain Standard Time zone, followed by several hops in the Eastern Standard Time zone.

I used Geobytes to locate the original IP address and it said that it was just outside of Los Angeles.

The problem is that the DNS entry would seem to indicate that original IP address came from Floriday.  (for example: 2933-334.hsd1.fl.bombastic.net, where the "fl" indicates florida")

So, how do I find out where the real original IP address is located? I know the IP Address, but is it Florida or California?

If I normally connect to the internet in florida, send mail from my laptop in florida, etc., and then I take my laptop to the east coast, how does that affect the timezone listing in my e-mail headers?

Any advice or inmput would be greatly appreciated.
Could I be
  • 2
2 Solutions
Time zone is based on the configuration of the computer making the timestamp, not the physical location of the system.

I routinely set all my timezones to the west coast on systems, regardless of where they physically are, so that any application which gets the time without calculating zone will get west coast time - because corp HQ is on the west coast and a brief glance at logfils and timestamps which shows time in their local time is easier than constantly translating the times for them.  If I need to know the actual time for me, I can always recalculate.
Those geolocation things for IP addresses are not very accurate anyway. I'm in Rochester, NY and it says I'm located in Virginia (600 miles away) because that is where my ISP has a datacenter.
Actually, geocoding email server addresses is not that bad, it is very rare to have an email SERVER going through a widely divergent geographic location.

The original client though...not too accurate.

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now