PDA

View Full Version : Email Headers



Yohhan
07-15-2002, 02:27 AM
Anyone know where I can read up on email headers? I'm using Outlook.

When I email myself, I'm able to find the IP address of my home router in the header, which is sometimes the IP address of my computer when I'm hooked directly into my cable modem. I'm wondering if this is always the case.

In one of the emails I received, one of the IP addresses under "Received" read: 5.5.2653.x ... What's the deal with that? The four digits that is?

Also, I noticed that sometimes different email headers have different numbers of "Received: from" and "Received: by" lines. Is there any reason for this?


I'm mostly concerned with if I can regularly obtain a person's IP from their emails. As mentioned above, I know I was able to get mine. If anyone knows of some good additional reading on the subject, i'd appreciate it.

Just so you don't think I'm getting ready to do something malicious, I run a message board, and I'm trying to match up IP's with posters who have previously been banned (and went and signed up under a different username and email), by comparing the IPs in their previous emails to me with IPs being used on the board.

Thanks.

FA-MAS
07-15-2002, 08:08 AM
Anyone know where I can read up on email headers? I'm using Outlook...

I'm mostly concerned with if I can regularly obtain a person's IP from their emails. As mentioned above, I know I was able to get mine. If anyone knows of some good additional reading on the subject, i'd appreciate it.

Do a search for "X-Mailer Header" and you'll find everything you need.

As for getting the IP of the sender's of e-mails, the closest you will be able to get is host name or IP address of the mail server it's coming from.

Later

Yohhan
07-15-2002, 08:56 AM
Thanks, I've found a couple sites.

Any idea why that IP had 4 numbers in it though?

FA-MAS
08-01-2002, 11:06 AM
For that IP with 4 numbers. It had to be either the host name other header information. It's an unbreakable rule that IP's h ave 4 octets, conveyed in decimal format, and go no higher than 255. But host names can be anything you want, as long as they contain a domain name. For example, my IP right now is:

xxx.yyy.123.321

but my host name is:
xxx-yyy-123-321.bras01.elk.ca.frontiernet.net

my ISP has a naming convention setup, that involves my IP, location, and the ISP's domain name. They could really make it anything they want.

Later