I have email headers of people I have never met with their IP.I need to know and validate their exact location as they expect to take money from me but I do not wish to be fooled.
Asked
Active
Viewed 99 times
0
-
1Does this answer your question? [How to trace email?](https://security.stackexchange.com/questions/16562/how-to-trace-email), [Tracing the location of a mobile IP from an email](https://security.stackexchange.com/questions/122507/tracing-the-location-of-a-mobile-ip-from-an-email). – Steffen Ullrich Mar 21 '21 at 13:38
-
1*"I have email headers of people I have never met with their IP."* With the proliferation of web based email, it's likely you have the IP of the Web Server. Even if it's an originating client IP, it can't be trusted. – user10216038 Mar 21 '21 at 16:01
-
"as they expect to take money from me but I do not wish to be fooled". This raises many read flags. They are probably trying to fool you (with plenty of explanations, surely). Do not give them any money! – Ángel Mar 21 '21 at 21:51
1 Answers
1
As you have asked the question, the only possible answer is do not hope to be able to relyably do that
The problem in SMTP headers, is that any header could be forged, even if all cannot be forged at the same time. And free VPNs are great at presenting an IP address which is not the original one. So here is a simple possibility:
- I am currently in a country with poor security reputation but I know free VPNs in England, Germany or France, and use a mail account in the same country
- I use one of those VPN to connect the Webmail host
Then all IP addresses that you will be able to find in the mail will say that the mail originates from England, Germany or France...
And I was not even speaking of the From: address...
Serge Ballesta
- 25,636
- 4
- 42
- 84