Hello everyone. I'm seeking some advice/information related to IP addresses.

I admin a small online community. It's private, password protected, and a new member can only gain access at the invitation of a current member; such invitation must then pass administrative approval. We can't be found via search engines and all our advertising is by word of mouth. Our members post under user names, not their legal names. Most of our members were formerly involved in a much, much larger community where harassment, trolling, stalking behaviour and even death threats became the norm, so we don't mind being closeted away. As a result of that experience, there is a certain level of vigilance and fear among my members that wouldn't necessarily be present in another community our size.

Recently, I asked all members to provide a non-primary e-mail address of their choosing that I can post publicly in order to facilitate ease of private communication among members. A few of my members are vehemently opposed to this idea. They fear their IP addresses could be discovered as a result and this could expose them to possible personal harm. In particular, they fear an unsavoury character could use this information to harass, stalk, and discover even more personal information such as their land address and real names. I don't have a great deal of knowledge in this area. I don't know if that sort of thing could happen or not.

The service I host my site through records the IP addresses of all members who post -- these are then made available to admins. Some of those IP are static, some are not. When I run them through WHOIS, the land address of my member's ISP is provided. Sometimes the ISP is located within that member's geographical area, other times they are separated by thousands of miles. Therefore my first question is: Can knowledge of an individual's IP address coupled with knowledge of the land address of their ISP be combined to reveal private information such as their name, land address or telephone number?

All my members seem to understand that exchanging mail with one another is a potential means of exposing their IP address. The group that is most opposed to posting of addies, further states that there are mail programs that can detect your address simply by sending mail to your account. They assert that no "exchange" has to take place; these programs can arrive in your mailbox and then "bounce-back" to the sender, complete with the recipient's IP address. I've done some preliminary searches but I can't find any information related to same. Which brings me to my second question: Is there anywhere I can find a concise summary of e-mail programs and what they're capable of as written for the lay person?

I've tabled my decision on this policy until I can gather some solid information on the matter. It's very likely that I'll go with an amended policy that allows members to choose for themselves if they want their address posted. As an admin, I work hard to educate my members on the areas where they could be at risk and what they can do to protect themselves and their loved ones in the online environment. I don't allow my members any illusions about my ability to completely protect them from the negative element that is out there -- I expect that they must assume the lion's share when it comes to protecting themselves. However, neither do I want to inadvertantly expose them to risk as a result of an poorly informed policy. Can someone please point me in the direction of some resources (preferably online) that I can use to better educate myself in regard to this issue?

Much thanks.