Plus the fact also sits with, how the person gained access. Your friend might want to sit down and think of the computers they have used to log into their hotmail account. If someone setup a keylogger on that computer, it would obtain the user ID and password. Or maybe your friend accidentally set his account to auto login anytime someone went to hotmail.com. Just so you can back track and maybe go that route with trying to figure out who might have gotten in and sent the email.

As for tracing the IP, there is only so much a typical person can do. You can trace someone's IP back to the server itself, but you can't get much more information then that. I've been down this road before for clients of mine, so I know how it is. The companies have to hold all personal information on an account. The only thing they can tell you for sure is if the IP does belong to them. To get anything else you would need a warrant, and the police/FBI/whoever would have to talk to the people at the ISP to get the proper information. Then only will they be able to go and question, they probably won't even tell you who it is. Unless they have reason to believe that person is the one responsible for sending the email. But by then that person would be charged anyway and it would become a court matter.

That's about the best I can do for you, sorry I can't be of much more help. But there is security and privacy for a reason, to protect you and to protect everyone.

Just a thought...
~AciD