Solved

IP Address of the originating desktop

Posted on 2014-03-05
16
465 Views
Last Modified: 2014-03-10
Good day to all and thank you in advance for your time and expertise.

How do I find the IP address of the desktop from where an email was send. The email account was created on the fly, meaning it is obviously a temporary address. The person created an account with outlook.com. What I'm able to find is the address of the MS server but not the originating IP address. Here's the Header information :

Received: from mx21.exchange.telus.com (10.9.6.104) by
 HEXHUB12.hostedmsx.local (10.9.6.102) with Microsoft SMTP Server id
 8.3.298.1; Sat, 1 Mar 2014 07:54:32 -0700
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgYCAGrzEVNBNr5RnGdsb2JhbABagkKGdaVklywWDgEBAQEBBg0JCRQoghwcBoEFAYEfNYdCARScB4NbAqQdFYdfF5IAgRQEiRM4iHCbdw
X-IronPort-AV: E=Sophos;i="4.97,568,1389769200";
   d="scan'208,217";a="42643293"
Received: from bay0-omc2-s6.bay0.hotmail.com ([65.54.190.81])  by
 mx21.exchange.telus.com with ESMTP; 01 Mar 2014 07:54:32 -0700
Received: from BAY181-W17 ([65.54.190.124]) by bay0-omc2-s6.bay0.hotmail.com
 with Microsoft SMTPSVC(6.0.3790.4675);       Sat, 1 Mar 2014 06:54:32 -0800
X-TMN: [pRWocxOE1AKwK8RgJN0d78ERpKAyhEEZ]
X-Originating-Email: [verite_@outlook.com]
Message-ID: <BAY181-W173C187F1D0E97A27E4B249A8D0@phx.gbl>
Return-Path: verite_@outlook.com
Content-Type: multipart/alternative;
      boundary="_315c5d21-9f4f-4e8f-9246-52e93bb08649_"
From: Anonyme personne <verite_@outlook.com>
To: "nathalie.tankova@apecq.org" <nathalie.tankova@apecq.org>
Subject: Commentaire
Date: Sat, 1 Mar 2014 09:54:31 -0500
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 01 Mar 2014 14:54:32.0033 (UTC) FILETIME=[27584D10:01CF355E]
0
Comment
Question by:andy951
  • 7
  • 6
  • 2
  • +1
16 Comments
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39906680
Received: from mx21.exchange.telus.com (10.9.6.104) by

has a public IP of 205.206.208.34
0
 

Author Comment

by:andy951
ID: 39906684
Hi thanks, is that the person computer or the mail server?
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39906701
Looks like the mail server (which could also be a web mail server).
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:andy951
ID: 39906715
Is there a way to find the originating IP address? The person probably used IE to create the outlook.com email address. To send the message the originating IP must be included, is it not?
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39906777
The originating IP could be the server if it is also running a webmail app.  

Because the client IP is handled via HTTPS, I do believe that it will show in the SMTP headers.
0
 

Author Comment

by:andy951
ID: 39906788
How do I get a hold of the SMTP header?
0
 
LVL 26

Expert Comment

by:pony10us
ID: 39906807
According to http://whatismyipaddress.com/trace-email

The source IP address is 65.54.190.124

According to ARIN that address belongs to Microsoft

http://whois.arin.net/rest/ip/65.54.190.124
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39906815
pony10us is correct.  I was reading the headers in the incorrect order.
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 39907232
If someone uses webmail then you don't get the senders actual ip address but the address of the server
0
 

Author Comment

by:andy951
ID: 39907251
Do you know if it can be requested from MS.
0
 
LVL 26

Expert Comment

by:pony10us
ID: 39907276
Probably not.  Once you get this far it usually takes a subpeona to get that type of information.
0
 

Author Comment

by:andy951
ID: 39917304
How can I prove this to my boss she doesn't believe that the IP address can not be found. She is certain it can. Is there any documentation which will convince her?
0
 
LVL 28

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 39917552
You will not get a company, service provider or not, just randomly handing out information regarding an IP address.

And, unless a significant amount of money is involved or a law has been broken in your jurisdiction, filing a report with the police won't do much good either -- a subpoena is about the only way to get it.  Having said that, that information will not be available to you unless the police decide to press charges.
0
 

Author Comment

by:andy951
ID: 39917581
What if I use a email service which provides data on emails. Will that include the IP address of the computer the email was opened on?
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39917607
No company in the US  is going to violate -- or shouldn't -- the privacy of its users.
0
 

Author Comment

by:andy951
ID: 39917632
I get it, it's some else that does not. But i will close this question. Thank you for all your help.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
The advancement in technology has been a great source of betterment and empowerment for the human race, Nevertheless, this is not to say that technology doesn’t have any problems. We are bombarded with constant distractions, whether as an overload o…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question