Without getting into the reasons (there are reasons, including legal ones) why you might want to know where an email originated, there are ways to look at every single email you receive and delve into some the tech specs in the header to grab its originating IP address.
Once you have the IP address, you can look that up through various IP lookup websites. While these sites will not give you the exact name and address of the person or business that sent you the email, it will give you the public IP address assigned by their internet service provider. This location will vary from a few miles to covering an entire city depending on how the ISP divides IP addresses.
ISPs usually assign IP addresses dynamically which means that the IP address that was originally associated with the email might be assigned to another user in that region once it arrives at your location and you begin your research.
However, sometimes the IP will still be assigned to that user depending on what type of device that was used to send the email. In any event, this method will give you the general location of the sender.
There is another possibility when dealing with spam type emails. Usually these are generated from server hosting data centers. When you lookup that IP address from any email that originated from one of these data centers, you will only get the location of the data center.
So how do you do it?
In this article I will break it down by some of the more popular web-based email programs such as Google and Yahoo. Each process is basically the same, however, getting to the details in each is a little different.
How to Look Up Origin of Google Gmail Emails
Assuming you have logged into your Gmail account, open the email that you want to lookup.
Once the email is open, click the down arrow that is located to the right of the Reply option.
From there, select “Show Original”.
This will show you a lot of confusing text that might seem like gibberish but this is the basis of internet protocol, the way everything is routed around the internet.
Scroll down and look for that last “Received “. You will likely see more than one option for Received: from because of the number of different servers the messages was routed to and from. Keep scrolling until you reach the last last “Received“.
Received-SPF: none (google.com: email@example.com does not designate permitted sender hosts) client-ip=18.104.22.168;
Now, copy this IP address and go to one of the many IP lookup sites and paste it. More on that later.
Again, the result you get could be very narrow or a citywide location.
How to Look Up Origin of Yahoo Mail
Once again, login to your Yahoo Email account and open the email you want to research.
Go to the “More” tab pull-down menu and select “View Full Header”.
A popup will display all of the technical routing details. Once again, scroll down to the last “Received” row and note the IP address.
You will see something similar to this:
Received: by mta.email.hotels.com id h078hs163hsq for <firstname.lastname@example.org>; Sat, 30 Aug 2014 07:26:53 -0600 (envelope-from <bounce-1935712_HTMLemail@example.com>) client-ip=22.214.171.124
Note, you may encounter situations from commercial or spam type emails that do not show an IP address in this area.
For instance, in the above example, it may only show information such as “XXXXX@bounce.mail.hotels.com”.
How to Look Up Origin of Email in Microsoft Outlook
I am going to have to do this one by memory since I have not used Outlook in years.
First, open Microsoft Outlook and double click on the email you would like to research.
Next, click “View” from the top menu, then select “Options”.
This will prompt an Internet Headers box to display with all of the usual information. Once again, scroll down to the last “Received” and copy the address.
Tracking IP Addresses
Now that you know how to find out what address an email originated from, it is time to use that piece of information to find out the general location of the user or company.
There are various sites that perform this function. Rather than giving you a specific URL, simply search for the phrase “lookup my ip address” or what is my ip address”.
Depending on the IP address you use, you will get something that looks like this:
General IP Information
-25.4167 (25° 25′ 0.12″ S)
-49.25 (49° 15′ 0.00″ W)
These various IP lookup services will also show you a Geo Location map as close to the origin as possible. Again, it can be as close as 1 mile or just show a citywide area.
If the email was sent from inside an office building, it will not give you the exact location from where that email came. But it will give you an idea if you want to pursue the origination further. However, if it is a business, you will need a court order with a viable reason.
I did not cover Hotmail or Live, or whatever Microsoft is calling their email program these days. However, the process is the same. Open the email and look for a “Tools” or “Options” or “More” menu, and select either “View Full Header” or “View Full Source” and locate the last IP address in the same manner.
Whether you use this technique or not, it is always good to know the way information is sent across the internet. Nothing is ever really private, so be careful what you do online.
If you are really concerned about hiding your IP address (there are legitimate reasons for wanting to do so), then you should look into using the TOR browser, or connect with one of the free VPN services online.