25 February, 2008

How to track the original location of an email via its IP address

Identify the true source of email messages:

Internet emails are designed to carry the IP address of the computer from which the email was sent. This IP address is stored in an email header delivered to the recipient along with the message. Email headers can be thought of like envelopes for postal mail. They contain the electronic equivalent of addressing and postmarks that reflect the routing of mail from source to destination.

Finding IP Addresses From Email Headers:
Unfortunately, Simple Mail Transfer Protocol (SMTP), the main protocol used when sending email, does not include a way to authenticate where the email message originated. However, the mail server inserts a Received: header at the top of every email message it processes, providing a continuous track of the message's route and making it possible to determine the origin of the message.
There are two steps involved in the process of tracking an email: find the IP address in the email header section and then look up the location of the IP address.

Finding the IP address of an email sender in Yahoo Mail and Gmail
Yahoo Mail Classic:
1. Log into your account and open the email.
2. At the bottom right, you’ll see a link labelled Brief Header. Click on it.
Now here’s the technical part: you need to look for the lines of text that start with “Received: from”. You’ll notice that there is more than one “Received: from” line in the message header. This is because the message header contains the IP addresses of all of the servers involved in routing that email to you.
To find the first computer that originally sent the email, you’ll have to find the “Received: from” line that’s farthest DOWN. As you can see from the above image, the first one is from a computer called “Computer10” with the IP address [59.92.193.164]. Then it was routed through the google.com email server.

The computer "Computer10" is a personal computer and its IP address [59.92.193.164] is a public IP address for that computer!
Therefore, we have just tracked this email to the source -- IP Address [59.92.193.164].
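
The same bottom-up reading of the Received: headers can be done in a script. The following is an added example, not part of the original post: the sample message, its hostnames and the function names are constructed for illustration, and only the bottom hop reuses the IP address quoted above.

```python
import email
import ipaddress
import re

# Constructed sample (not from the original post): hostnames are invented and the
# relay uses a documentation address; the bottom hop reuses the post's example IP.
RAW = """\
Received: from relay.example.net (relay.example.net [203.0.113.25])
\tby mx.recipient.example with ESMTP id abc123;
\tMon, 25 Feb 2008 10:02:11 -0800
Received: from Computer10 ([59.92.193.164])
\tby relay.example.net with ESMTP id xyz789;
\tMon, 25 Feb 2008 10:02:05 -0800
From: sender@example.net
To: you@recipient.example

body
"""

# Address literal as servers record it: [1.2.3.4] or [IPv6:2001:db8::1]
IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def received_hops(raw):
    """Return (claimed_name, ip_or_None) per Received: header, oldest hop first."""
    msg = email.message_from_string(raw)
    hops = []
    # Each server prepends its header, so the bottom-most one is the oldest.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())          # unfold continuation lines
        name = re.match(r"from\s+(\S+)", flat)
        ip = None
        # Only the "from ..." clause describes the sending side of the hop.
        for cand in IP_RE.findall(flat.split(" by ", 1)[0]):
            try:
                ip = ipaddress.ip_address(cand)
                break
            except ValueError:
                continue                        # bracketed text that is not an IP
        hops.append((name.group(1) if name else None, ip))
    return hops

def first_public_ip(raw):
    """Oldest hop with a publicly routable address; private/reserved ones are skipped."""
    for _name, ip in received_hops(raw):
        if ip is not None and ip.is_global:
            return str(ip)
    return None

print(first_public_ip(RAW))  # -> 59.92.193.164
```

Only the Received: lines added by servers you trust are reliable; a sender can insert forged lines below them. Webmail services also often record their own server's address rather than the user's computer.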

Google’s Gmail
1. Log into your account and open the email.
2. Click on the down arrow that’s to the right of the Reply link. Choose Show Original from the list.
Again, you’ll see the same information as before, just in a different window:

Tracking the location of an IP address
We can do this by performing a location lookup on the IP address using IP2Location and GeoBytes IP Locator.

IP2Location also gives you pretty much all of the information, including the ISP (Cox Communications). If you want more information, you can also do a WHOIS database search. This will give you information on who hosts that IP address and their registration information.







1 comment:

Robin said...

Email headers can be thought of like envelopes for postal mail. They contain the electronic equivalent of addressing and postmarks that reflect the routing of mail from source to destination.