[nmglug] originating IP for an @yahoo.com e-mail
Gary Sandine
gars at laclinux.com
Wed Jun 6 23:17:13 PDT 2007
On Wed, Jun 06, 2007 at 01:22:27PM -0600, Jason Schaefer wrote:
> I don't know of any web-based mail that sends the senders ip in headers. The
> headers always seem to report the hosts (yahoo) ip as the received from.
Check it out, Yahoo does in some (most?) cases. I just tested it
(details below). The first header was:
Received: from [x.y.z.w] by web57514.mail.re1.yahoo.com via HTTP;
(I changed my IP to x.y.z.w when I pasted the header into my
e-mail, but it was exactly the IP of the machine I used to compose
the e-mail.)
[..]
> Gary Sandine wrote:
> > On Tue, Jun 05, 2007 at 03:31:04PM -0600, Andres Paglayan wrote:
> >
> >> I'll suggest those with yahoo accounts start sending email to you
> >> with details in the body, to see how those hand written details match
> >> those of the header
> >>
> >
> > Thanks, that's a good idea. I tried it and it's a perfect match:
> >
> > Received: from [x.y.z.w] by web57514.mail.re1.yahoo.com via HTTP;
> >
> > The machine in which I was running the Firefox instance used to
> > compose the e-mail was at x.y.z.w.
> >
> >
> > [..]
> >
> >> On Jun 5, 2007, at 2:28 PM, Gary Sandine wrote:
> >>
> >>> I have noticed that e-mails from Yahoo Web mail generally start with
> >>> a header like:
> >>>
> >>> Received: from [71.222.227.237] by web38908.mail.mud.yahoo.com via HTTP;
> >>>
> >>> which indicates that the e-mail was likely composed on a computer in
> >>> Albuquerque by a Qwest DSL customer with IP 71.222.223.237.
> >>>
> >>> Well, I'm interested in tracking down the origin of an e-mail from
> >>> an @yahoo address, and the first header is:
> >>>
> >>> Received: from [206.190.52.38] by web57409.mail.re1.yahoo.com via HTTP;
> >>>
> >>> The IP 206.190.52.38 belongs to Yahoo! Broadcast Services, Inc. and
> >>> resolves to mg001.mail.re2.yahoo.com.
> >>>
> >>> The likely possibilities I can think of are:
> >>>
> >>> 1. the e-mail originated from a Yahoo employee;
> >>>
> >>> 2. the e-mail originated from someone using Yahoo SMTP services; or
> >>>
> >>> 3. in some cases, Yahoo Web mail does not reveal the originating IP.
> >>>
> >>> I wonder if anyone on this list knows about Yahoo e-mail infrastructure
> >>> and might know how to find out where this e-mail came from, or perhaps
> >>> that it's not possible.
> >>>
> >>> Thanks,
> >>> --
> >>> Gary Sandine <gars at laclinux.com>
> >>>
> >>> _______________________________________________
> >>> nmglug mailing list
> >>> nmglug at nmglug.org
> >>> http://www.nmglug.org/mailman/listinfo/nmglug
> >>>
> >> _______________________________________________
> >> nmglug mailing list
> >> nmglug at nmglug.org
> >> http://www.nmglug.org/mailman/listinfo/nmglug
> >>
> >
> >
>
> _______________________________________________
> nmglug mailing list
> nmglug at nmglug.org
> http://www.nmglug.org/mailman/listinfo/nmglug
--
Gary Sandine <gars at laclinux.com>
More information about the nmglug
mailing list