Hi, I wanted to ask if it’s possible to spoof your IP trough Hotmail now, because lately I’m getting mails with “weird” headers.
I only have this problem with the emails of this one particular person…so this seems kinda fishy to me.

We have been mailing each other for a while now and usually it’s no problem for me to check his IP.
However, when I tried look up the IP in his latest mails I had to notice that not only has it changed but what’s even more confusing, the Sender IP is now the same as the one from Hotmail (well not exactly the same, the last two or three digits are different but still they’re both Hotmail IPs…I’ve checked it).

How is that possible? I thought every time you send an email, the mail service transmits your real IP and there’s no way to stop or influence that.
I mean sure the “X-Originating-IP” can be manipulated but at least the “Received: from 64.4.56.210 by…” line should be hacking proof.
Obviously, he didn’t use any proxies either, otherwise I would have get a fake IP and not the one from Hotmail.
I wouldn’t be surprised if he is trying to spoof his IP really, since we had a discussion about this issue (anonymity on the net) once + he’s very secretive and like I said, I only have these kinda problems with his mails. I can still easily check the IP of other people with hotmail accounts.
Also, he mentioned something about attending college lately…do you guys think that he could have done all this “spoofing shit” with/trough his university's server (I mean do you think that this has something to do with it?)?

Here’s the header and thanks in forward for any replies (I’ve marked the lines where his real IP should be):



Received: from [64.4.56.37] (helo=hotmail.com)
by mx22.web.de with esmtp (WEB.DE 4.104 #268)
id 1DAF3k-0001Gw-00
for [email protected]; Sat, 12 Mar 2005 23:26:12 +0100
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
Sat, 12 Mar 2005 14:26:11 -0800
Message-ID: <[email protected]>
Received: from 64.4.56.210 by by101fd.bay101.hotmail.msn.com with HTTP;
Sat, 12 Mar 2005 22:26:11 GMT
X-Originating-IP: [64.4.56.210]
X-Originating-Email: [[email protected]]
X-Sender: [email protected]
From: "XX XXX" <[email protected]>
To: [email protected]
Bcc:
Subject: hey
Date: Sat, 12 Mar 2005 16:26:11 -0600
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 12 Mar 2005 22:26:11.0690 (UTC) FILETIME=[7EBACCA0:01C52752]
Sender: [email protected]



P.S.: I’m sure both IPs are from Hotmail (Redmont,Washington) "[64.4.56.37] (helo=hotmail.com)" and "Received: from 64.4.56.210 ", you can use any online IP locator to confirm this yourself .