Hi - I am new here. I did a lot of research before asking here, hoping to not waste your time.
So what is going on is, a person who lives in FL (ex spouse), always emails us. We recently received an email from a relative of hers sounding very much like her and things she would typically say. The relative lives in Massachusetts. So it should be pretty easy to see if the IP address is anywhere in FL that it was clearly not the relative. I pulled up the header and typed in all of the IP addresses listed and they only come up as Comcast's address and Yahoo's emails. The Ex's email is a gmail account so I know we can't pull up that info (shows "private lan) but the relative's email is a yahoo and it should work. Is there something I am doing wrong? I have even used a website where you can enter the entire header and it will figure it out for you, but same results.
Any ideas? Thank you!
Thanks for your question jcandherboys.
I guess I don't understand what you are asking?
Emails sent through Yahoo may or may not contain the real originating IP. Mails sent through Comcast email services will show the email of the server that handled the email and the originating IP.
If the header shows a Yahoo and Comcast IP, the sender was probably using a Comcast internet account and sending the email through Yahoo.
All of the Comcast IP's that I have seen will translate to a reverse DNS that will identify the area they are in. For example, the reverse DNS for my home IP is c-66-41-xx-xx.hsd1.mn.comcast.net, the mn indicates I am in Minnesota and the reverse DNS form my office IP is 173-165-xx-xx-minnesota.hfc.comcastbusiness.net, clearly indicating Minnesota. The only exception I know of would be for a Comcast business class static IP where they have replaced the reverse DNS with the customers domain or mail server name.
If they sent the email through a user like whoever @comcast.net, you would see a Comcast mail server similar to this: qmta08.westchester.pa.mail.comcast.net but farther down in the header it would show the IP of the sender and sometimes even the internal IP of the computer that was used.