there was complain from a user inside my organization that he received email from firstname.lastname@example.org,
and wants to trace whether the name mentioned in that email sent it or somebody on behalf of this email address
Users seeks for further information which we cannot provide at this point because mailbox audit log is not enabled for the mailbox, also no other user have full access or send as permission on the mailbox (sender) email@example.com
however we found that it was originated from the IP address 10.121.2.3, but we couldn’t trace this IP back.
is therea any way we can trace this ip back to host