RE: is it possible to find geographical place of email sender from email headers



they can assist you in getting a better idea of an exact
location, maybe even a home address if they are nice.

I'm intrigued at this. What did you do, to get them to be nice enough to get
the kid's name? Is this a euphemism for social engineering?

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Shreyas Zare
Sent: Sunday, March 02, 2008 6:24 AM
To: tommy; security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: is it possible to find geographical place of email sender
from email headers

Hi,

As I said earlier,since Gmail does not include IP of the sender in the
headers, you cannot find it. This is Gmails policy not to include IP.
If you want to verify, just mail from Gmail to some other account and
check for headers with your IP. You can also try to find my IP address
in this mail's header and since I am using Google Apps service you
wont find it. Only you have is Message-ID that you can use to get
details from Google(if they want to tell you).

Secondly, most ISPs (depends upon the country they are in) wont reveal
their customers IP details for privacy reasons without any court
order/warrant for investigation and if they disclose, the customer can
sue them.

Regards,

On 3/2/08, tommy <thedarksniper@xxxxxxxxx> wrote:
hi
yes it is possable, but you need a more detailed header that has a
scource ip address, then you would gearch google for a whois database
and search for the ip in the whois, it will tell you where the isp is
located, they can assist you in getting a better idea of an exact
location, maybe even a home address if they are nice.
i had to do this yesterday to a kid who thought he could scare me, i
found out that he is in my vocational school IT class and i know
exactly
who it is.

good luck
-tommy
"you do not learn to hack, you hack to learn"

Shreyas Zare wrote:
> Hi,
>
> Since the sender sent the mail using Gmail service, you cant find
out
> his IP address. So you cant find out his location. The only way to
do
> is to contact Google and get details, which is very difficult.
>
> Regards,
>
> On 3/1/08, aliasghar.toraby@xxxxxxxxx <aliasghar.toraby@xxxxxxxxx>
wrote:
>
>> hi friends. is it possible to find geographical place of email
sender
>> from email headers? if it is possible please guide me. following
lines
>> are the headers of email that some body sent to me. and i want to
know
>> who is it? and this email sent to me is related to which country!
>>
*********************************************************************
>> From: tavallode.andeishe225@xxxxxxxxx
>> Date: 11:25 AM
>> X-Account-Key: account2
>> X-UIDL: GmailId11869563bc21cc9d
>> X-Mozilla-Status: 0001
>> X-Mozilla-Status2: 10000000
>> Dekiverd-To: aliasghar.toraby@xxxxxxxxx
>> Received: by 10.70.60.19 with SMTP id i19cs200180wxa; Fri,
29 Feb
>> 2008 23:55:04 -0800 (PST)
>> Received: by 10.100.92.9 with SMTP id
>> p9mr13404088anb.12.1204358101557; Fri, 29 Feb 2008 23:55:01
-0800
>> (PST)
>> Received: by 10.100.120.12 with HTTP; Fri, 29 Feb 2008 23:55:01 -
0800 (PST)
>> Message-ID:
<a42711b0802292355o5baf9a37k34dbe8560560e1c0@xxxxxxxxxxxxxx>
>> MIME-Version: 1.0
>> Control-Tyoe: multipart/mixed;
>> boundary="----=_Part_2228_7917228.1204358101511"
>>
*********************************************************************
>> thanks for any help
>>
>>
>
>
>
>





--
("Computers are useless. They can only give you answers." - Pablo
Picasso)

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@xxxxxxxxxxxxxx

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@xxxxxxxxxxxxxx

Technitium Personal Computers
We believe in quality.
Visit http://pc.technitium.com for details.



Relevant Pages

  • Re: is it possible to find geographical place of email sender from email headers
    ... As I said earlier,since Gmail does not include IP of the sender in the ... check for headers with your IP. ... then you would gearch google for a whois database ...
    (Security-Basics)
  • Re: [opensuse] I get some mails with broken headers (gmail related) [solved]
    ... The header may have been been converted into MIME by gmail. ... Such headers will likely be mangled by Postfix, ... ] Message headers contain technical information necessary for the ... I'm trying to capture an imap session, ...
    (SuSE)
  • Re: reply-to
    ... homegrown PHP, for many, many reasons.) ... These may be totally irrespective of the actual headers ... Because the envelope from is a crucial part of the SMTP conversation, its the easiest place to apply sender based rules, and reject spam. ... The MTA wont use it - its the user agent that scans Bccs and CCS and so on and makes a list of envelopes to pass to the MTA. ...
    (comp.lang.php)
  • Re: Why some say "rpm hell"
    ... just petered out with an explanation of what "RPM hell" was, ... You can't do that when someone stuffs up the threading headers. ... client it can be quite easy, but that normally leaves a more apparent ... in just the gmail web interface. ...
    (Fedora)
  • RE: Distressing, possibly life threatening emails from free accounts (yahoo, hotmail
    ... Even if the sender is in the US, spoofing headers is relatively easy, so ... even if Yahoo cooperates in the investigation, ... Typically, log files are not kept very long, and only a law enforcement ... You need to get the original headers from the recipient of the message. ...
    (Security-Basics)