Every email we send and receive has the metadata that has the information about the particular email. Metadata provides routing and other useful information about the email. It is called as ‘email header’ in most of the email programs. Each email application and client have different ways to view the email header information. Let’s look at how to find the IP address of an email in Outlook and do some basic mail tracing.
Once you received an email, you know who and from which domain (For example, gmail.com or yahoo.com….etc) it came, but we do not know the IP address or the location (country) the email originated. Finding the originating IP (Sender’s IP) of particular mail will be helpful to find the location of the sender or the sending mail server. This can help in troubleshooting or finding the spammer who is flooding your mailbox.
View the Email Header and IP Address in Outlook Program
1) Open (Double click) the email you want to trace.
Once you opened the email, go to File –> Info and Properties.
2) In the Properties box, you will see the ‘Internet headers’ as shown below. We can extract more details about this email from this data. Copy that (Ctrl+c) and paste it in notepad or any type of document you can search the string you want easily.
How to view email header in Office 365 Outlook Web Access (Outlook.com)
As requested by one of the users, you can follow the steps to find the email header from Office 365 Outlook when you access the emails from the web browser.
Select the email and click on 3 dots at the right corner. Click on View then View message details.
You will see the same message header data of the email in the next box.
3) Probably you will be seeing several IPs in this mail header. It might be your receiving mail server, sending mail server and the sender’s computer/mobile device IP. It all depended on how the sender’s email application is configured or the default settings of the mail service.
After searing for ‘IP’ from the copied email headers, it returns the following result for me.
The originating IP is possibly your mail server IP which received this email. Since mine is in Office 365, it is one of the office 365 email server IP.
Other Ways to Read an Email Header
There are few famous providers provide useful service to read mail headers in a readable format. We can use GSuite Toolbox Message header or MX Toolbox’s header analyzer, after checking both tools, I found that MX toolbox gives more useful information with IP addresses with DNS name.
4) Go to MXtoolbox header analyzer and paste the email header data you got from Outlook. It will provide details as below.
To trace further about the email IP, we can look for more information from Whois.com or find the IP location.
5) Visit whois.com and input the sender IP you gathered from earlier step by reading the email header.
It will provide lots of information to get some ideas of the IP address you received the email. We almost tracked enough details from an email message.
It is not that simple to investigate and find or track the email sender by the IP address from the email header. Even the methods I mentioned have some limitation and it will not be accurate all the time. If someone really wants to trick/hack you, they can spoof the email headers and mask the IPs. Even they can relay on some authentic email sending servers to send spam email which may look genuine.
You can try the combination of some the methods and get extensive details from the email header. I hope these steps are useful to trace an email up to a certain level to find out the sender’s IP and its details.