There are different reasons why you may want to be able to trace an email to its source IP, one likely reason being that you want to find out the origin of that those annoying emails that consistently dodge your spam filter, or you want to confirm the origin of an email requesting for sensitive information. You can accomplish this task using its IP address.
Not sure what an IP address is? Think of it as a street number in a geographic directory. It is a unique number automatically given to devices connected on a network and with it, devices communicate with other devices and servers both within and outside the network.
IP addresses can be used to pinpoint the origin or destination of network traffic and this is the address that we will check for in the header of the email whose location you want to decipher.
What is an Email Header?
All emails come with a lot of data especially about their sender and destination but a lot of that information is collapsed by default. You must be familiar with the 'To', 'From', and 'Subject' fields – these and other fields belong in the so-called email header section and you can easily access them in just about 3 steps that depend on your email client app.
Gmail
- Open the email of interest
- Click the 3-dot menu in the top-right corner
- Select “Show original”
YahooMail
- The 3-dot menu is at the top
- Select “View raw message”
Microsoft Outlook
- Locate the 3-dot menu icon above the email text
- Select the option to “View message source”
Whichever email client app you’re using, the motive is to view the email in its raw/source state after which you can get busy.
Locating the IP Address
When you choose to view the email in its raw form you’ll be welcomed with texts that seem like jargon. They’re not. Quickly find the sender’s IP address by pressing Ctrl + F and then searching for “Received” or “Received from“. Found it yet? That’s the sender’s IP address right next to it.
Email Header Analyzers
Now that you have the IP address your next task is to figure out its geographic interpretation. It is possible to fast-track this process from when you view the email in its raw state. How? By using any of the many free header analyzers available online.
Worthy mentions include:
- MXToolbox-Analyze Headers
- GSuite Toolbox Message Header Analyzer
- whatismyip.com
- IP-Address Email Header Trace
- IP Tracker
Copy and paste the email header text into the text field of the analyzer app and begin the trace. If the analyzer finds it difficult to locate the IP address you have no need to be worried because you already know how to locate it manually.
Possible Drawback
While there is a good chance of this method working on any email, it can fault when you trace the IP address of emails sent form GMail and you’re lead to the location of Google’s servers instead of the actual sender. This may be a good or bad thing depending on which side of the fence you’re standing on.
Read more in Best privacy-focused email services.
How effective was this article at helping you trace your email of interest? Have you got other methods or hacks you want to share with the world? Let us know about your experience in the comments section below.
So what about spoofed addresses? How does this get you back to where an e-mail came from if the IP address was spoofed? Just curious. I know new technology arises from time to time, but I’m not aware of a method to pinpoint the origin of a spoofed IP. Is there a way to do this now?
Not any that I know about. IP spoofing is achieved using botnets which all contain thousands of computers for spoofing multiple addresses which make an automated attack difficult to trace. Unless one is the target of a powerful security organisation like the NSA (which shouldn’t be the case), there’s nothing to be worried about.
hi Martins,
does not it tell the IP address of the email provider , rather than of actual desktop client (or ISP) ?
Hello Razbainkys,
these days, most email clients include the IP address of the organisation that registered the server and omit that of the sender.