

Gmail Senders IP Address ? - anekantavad

http://support.google.com/mail/bin/answer.py?hl=en&#38;answer=26903<p>I personally find the above information a bit unacceptable. Especially the use of 'may' and then the whole deal about spam filters!<p>If a Gmail user is bullying you and sending you abusive emails - How do you get their IP address? Anyone know?<p>Thanks!
======
anekantavad
Nope! It points to a Google IP in California! And I live in the UK and am
quite certain the email came from someone in the UK.

Here's the header:

Received: from DB3PRD0104HT012.eurprd01.prod.exchangelabs.com (10.4.156.40) by
DB3PRD0106HT005.eurprd01.prod.exchangelabs.com (10.3.5.131) with Microsoft
SMTP Server (TLS) id 14.15.108.4; Thu, 4 Oct 2012 12:35:25 +0000 Received:
from DB3PRD0104HT023.eurprd01.prod.exchangelabs.com (10.4.156.53) by
DB3PRD0104HT012.eurprd01.prod.exchangelabs.com (10.4.156.40) with Microsoft
SMTP Server (TLS) id 14.15.108.5; Thu, 4 Oct 2012 12:35:25 +0000 Received:
from mail47-ch1-R.bigfish.com (216.32.181.171) by
DB3PRD0104HT023.eurprd01.prod.exchangelabs.com (10.4.156.53) with Microsoft
SMTP Server (TLS) id 14.15.108.5; Thu, 4 Oct 2012 12:35:15 +0000 Received:
from mail47-ch1 (localhost [127.0.0.1]) by mail47-ch1-R.bigfish.com (Postfix)
with ESMTP id BF329160077 for <smgxrcs@xxx.ac.uk>; Thu, 4 Oct 2012 12:35:14
+0000 (UTC) X-Forefront-Antispam-Report:
CIP:128.40.105.162;KIP:128.40.105.162;UIP:(null);(null);H:vscano-d.xxx.ac.uk;R:internal;EFV:INT
X-Safelisted-IP: 128.40.105.162 X-FOPE-CONNECTOR:
Id$17341%Dn$UCL.AC.UK%PF$0%SF$0%RO$0% Received-SPF: neutral (mail47-ch1:
128.40.105.162 is neither permitted nor denied by domain of gmail.com) client-
ip=128.40.105.162; envelope-from=muffledmuffin65@gmail.com;
helo=vscano-d.xxx.ac.uk ;-d.xxx.ac.uk ; Received: from mail47-ch1
(localhost.localdomain [127.0.0.1]) by mail47-ch1 (MessageSwitch) id
1349354112842960_16280; Thu, 4 Oct 2012 12:35:12 +0000 (UTC) Received: from
CH1EHSMHS010.bigfish.com (snatpool2.int.messaging.microsoft.com
[10.43.68.232]) by mail47-ch1.bigfish.com (Postfix) with ESMTP id BE12C140085
for <smgxrcs@xxx.ac.uk>; Thu, 4 Oct 2012 12:35:12 +0000 (UTC) Received: from
vscano-d.xxx.ac.uk (128.40.105.162) by CH1EHSMHS010.bigfish.com (10.43.70.10)
with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 4 Oct 2012 12:35:10
+0000 Received: from vscan-b.xxx.ac.uk ([144.82.100.151]) by
vscano-d.xxx.ac.uk with esmtp (Exim 4.76) (envelope-from
<muffledmuffin65@gmail.com>) id 1TJkdv-0001ku-Qt for xxx.xxx@xxx.ac.uk; Thu,
04 Oct 2012 13:35:07 +0100 Received: from mail-ob0-f194.google.com
([209.85.214.194]) by vscan-b.xxx.ac.uk with esmtps (TLSv1:RC4-SHA:128) (Exim
4.76) (envelope-from <muffledmuffin65@gmail.com>) id 1TJkdl-0003vW-QD for
xxx.xxx@xxx.ac.uk; Thu, 04 Oct 2012 13:34:57 +0100 Received: by mail-
ob0-f194.google.com with SMTP id un3so74845obb.9 for <xxx.xxx@xxx.ac.uk>; Thu,
04 Oct 2012 05:34:52 -0700 (PDT)

~~~
jgrahamc
The headers seem to indicate that this was received by Google over SMTP which
means that likely something other than the gmail web interface was used.

Are there any other interesting headers?

~~~
anekantavad
Thanks. How would I go about obtaining any other headers from the email ?

------
CrankyBear
It's in the message's headers. Go to the top, far right of the message, hit
the down arrow, and then click show original for the headers.

------
anekantavad
Also, I suspect they'd be using their iPhone

