IP Addresses and email

Discussion in 'Gaming and Software' started by Recce19, Jun 15, 2010.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. A friend recieved an email from her ex husband (who she's trying to trace). She has the email address, which is a yahoo.com one and is traced to America (he's a septic), but the ip is traced to Italy.

    Now, he's meant to be still resident in Germany, is this possible for the two to be in different countries (the ip and email loc)? I know you can get ip masking software but not come across this before. If it is correct, is there a way to backtrace to the real ip?

    Ta muchly! :D
  2. Tell the truth! Who are you stalking?
  3. Yes it is possible. Mail is routed regularly via proxy servers and routers, and the original IP will be masked in this way.

    The mailserver at Yahoo.com (mail.yahoo.com) will have a specific IP. Now there are likely to be several mail servers all over the planet. There may be a mail.yahoo.it server for arguments sake. This will have a separate IP address from the one in the states. Domain Name System (DNS) will hold the IP routing tables with a record of both IP addresses. (An IP address is matched within the routing table with the Fully Qualified Domain Name - FQDN).

    What happens is this. let us say he has a xxxx@yahoo.com e-mail address. When he logs on to his computer and signs into yahoo mail, his computer (no matter where he is) will contact the internet and look for a DOT server.

    Internet addresses have an invisible extra dot at the end e.g. www.mail.yahoo.com.

    So his machine will look for the DOT server and query the DNS records at the DOT server for an IP address for something called COM.

    The DOT server will send back to the machine, the IP address of the COM server.

    His machine will then query the COM server and ask for the IP address of something called YAHOO.

    The COM server will send the IP address of the YAHOO server.

    His machine will then ask for the IP address of the mail server, and the YAHOO server will pass the IP back to his machine until he has the IP of the MAIL server. Dependent on his login details and Post Office Protocol (POP) settings he should be now able to access his mail from wherever he is on the planet.

    It may be that Yahoo have done some replication of data across mail servers to shorten this route by distributing mail to a server in Italy.

    Its a bugger to trace without the software, and due to his login being held securely it is difficult to trace where his mail is actually stored and distributed from.
  4. No need to stalk - already been there. ;)

    DigitalGeek, thanks for the detailed reply and is pretty much as I (I think) understood it, bar the way the queerying works.

    Basicall, if I'm on the right wavelength, the email IP is not necessarily in the coulntry that his email originally was sent from and is just using the easiest routing.

    In other words, for a layman, there is little chance of using this approach to find a geographical location of the said septic.
  5. More chance of plaiting snot! :lol:
  6. :lol: :lol: :lol: :lol: :lol: