Im trying to figure out why the headers from an email sent from a mobile device on a wireless carrier have 2 ips in them.
Received: from [220.127.116.11] ([18.104.22.168])
by datadummies.ve.carpathiahost.net (22.214.171.12460308/8.12.11) with ESMTP id r8CKpNba021735
(version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO)
for <>; Thu, 12 Sep 2013 16:51:28 -0400
From: "" <>
Date: Thu, 12 Sep 2013 16:51:23 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 AquaMail/126.96.36.199 (build: 2100226)
Subject: Test nopro
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Spam-Status: No, score=0.1 required=7.0 tests=RDNS_NONE autolearn=no
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
both of the ips belong to the wireless carrier. what is each one for? and why is there 2 of them? do they both identify the device that sent them or does just one identify the device that sent them? when i do a whatismyip.com when im surfing the net on my mobile device it lists my ip as being the same as the second ip in the headers.