Page 1 of 1

Finding out emailer's contact info

Posted: Fri Apr 08, 2022 1:01 pm
by indtint
I'm new here so if I'm not in the right place please advise me.

We had a man posing as a customer attempt to lure one of my staff to a vacant home (not his property) claiming he needed a quote for window tint. As she was leaving she informed me she was giving someone a quote for residential tint. The time of year, his name, and the fact there was no profile for him made me suspicious. I later confirmed he didn't own the home, nor did the owner know him. He continues to state it's his property (he doesn't know we found out he a fraud. When asking for a email and a phone number we were able to determine both we made within the last 24hrs. I contacted Google both by email and voice. They were not concerned about this at all. Any help on how I can identify this individual or the origination of the email would be greatly appreciated. Thank you for any help you can give. Below is the header info.

Return-Path: <>
Delivered-To: [email protected]
Received: from ([])
by with LMTP
id 2O9iKqFZMmKfcQAA5kiHlw
(envelope-from <>)
for <[email protected]
Return-path: <>
Envelope-to: [email protected]
Delivery-date: Wed, 16 Mar 2022 17:41:53 -0400
Received: from [] (helo=bosimpinc03)
by with esmtp (Exim)emoved
id 1nUbOz-0007rQ-Cg
for [email protected]; Wed, 16 Mar 2022 17:41:53 -0400
Received: from ([])
by bizsmtp with ESMTP
id UbOynOjdFxO2hUbOznIwct; Wed, 16 Mar 2022 17:41:53 -0400
X-EN-IMPSID: UbOynOjdFxO2hUbOznIwct
Received: by with SMTP id bb15-20020a05622a1b0f00b002e06ae2f56cso2294958qtb.12
for <[email protected]>; Wed, 16 Mar 2022 14:41:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20210112;
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20210112;

Re: Finding out emailer's contact info

Posted: Fri Apr 08, 2022 2:22 pm
by Chrispcritters
In order to get the user's IP address and any details about the user Google might have you would need to hire a lawyer, file a lawsuit, and subpoena the account records from Google. This may get you a phone number and IP address(es). From there you would need to subpoena the wireless carrier and ISP to find the phone account holder and who the IP address(es) were assigned to at the time the account was accessed. From talking with lawyers in the past this like would cost in excess of $10,000. If they're using a non-us phone carrier and ISP this may not even be possible.

You may be able to save a step and send the person a link and trick them into clicking it so that their IP address is recorded for you. Services like Grabbify and IPlogger would do that.