How to trace email sender’s location

How to trace email sender’s location

What is an email header?

Each email you receive comes with headers. The headers contain information about the routing of the message and the originating IP address of the message. Not all electronic messeges you receive will allow you to track them back to the originating point and depending on how you send messages determines whether or not they can trace an email address back to you. The headers don’t contain any personal information. At most, the results of the trace with show you the origination IP and the computer name that sent the email. After viewing the trace information, the initiating IP can be looked up to determine from where the message was sent. Remember, IP address location information DOES NOT contain your street name, house number, or phone number. The trace will most likely determine the city and the ISP the sender used. How to enable email headers?
This process will vary on different email messaging programs that you may be using. I will cover some of the most common options here.

1. Outlook: Right click the message while it’s in the inbox and choose Message Options. A window will open with the headers in the bottom of the window.
2. Gmail: Once Logged into your Gmail Account open the Email whose headers you want to view. Click on the “More Options” link in the message next to the date of the email.  Now click the “Show Original” link.  This link will popup a new window the headers and the body of the message.
3. Hotmail: Click on the “Options” link in the upper navigation bar. Now click on the “Mail Display Settings” link. Change the “Message Headers” option to “Full” and click Ok. Go to your inbox and open any one of your email. You emails show now contain additional headers.
4. Yahoo: Click on the “Options” link in the upper navigation bar. Now click on the “General Preferences” link. In the paragraph titled Messages and locate the “Headers” heading and select “All”. Go to your inbox and open any one of your email. You emails show now contain additional headers.

In any case, email headers typically look something like this:

Return-Path:
Delivered-To: admin@searchtricks4u.com
Received: (qmail 13384 invoked by uid 110); 13 May 2005 21:33:53 -0000
Delivered-To: 1-leo_nospam@pugetsoundsoftware.com
Received: (qmail 13380 invoked from network); 13 May 2005 21:33:53 -0000
Received: from bay107-f18.bay107.hotmail.com (HELO hotmail.com) (64.4.51.28)
by pugetsoundsoftware.com with SMTP; 13 May 2005 21:33:53 -0000
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
Fri, 13 May 2005 14:33:53 -0700
Message-ID:
Received: from 64.4.51.220 by by107fd.bay107.hotmail.msn.com with HTTP;
Fri, 13 May 2005 21:33:52 GMT
X-Originating-IP: [XX.X.XX.XXX]
X-Originating-Email: [xyz@hotmail.com]
X-Sender: xyz@hotmail.com
From: “Leo Notenboom”
To:  admin@searchtricks4u.com
Bcc:
Subject: Example Email
Date: Fri, 13 May 2005 14:33:52 -0700
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 13 May 2005 21:33:53.0097 (UTC) FILETIME=[75980390:01C55803]

Your email header may look a lot different. It may be longer or shorter, or have additional information, or less. But the basic idea is that there’s a lot of information in the headers that has to do with the administration of getting the email from the sender to the receiver.

The easiest way for finding the original sender is by looking for the X-Originating-IP header, this header is important since it tells you the IP Address of the computer that had sent the email. If you can not find the X-Originating-IP header then you will have to shift through the Received headers to find the sender’s ip. Once you know the IP address of the sender, you can lookup the location using free service at ip2location.com.