Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

OSX Mail logs access?

L

lieiti

macrumors newbie
Original poster
Mar 31, 2009
8
1
Miami
Hello, I need to learn please how to open and read OS X 'Mail' logs.

The goal is to find the destination IP for a particular email (need to prove for a legal case that the recipient of an email was in a particular location at the time of receiving that email).

I thought it would be included in the email's header, but learned that the header only contains the Sender's IP address and the relay server IPs that the email passes through on its way to the destination. The header does not record the destination IP address of the email recipient.

I learned that the MDA (mail delivery agent) and/or Mail client would record such information in its log, and believe in this instance it would be the OSX Mail app.

Does anyone know how to find these particular Mail logs that record incoming email information such as this?

Any and all information and/or other suggestions to achieve this result is highly appreciated!

The version of OSX on the computer is actually 10.6.8, but I could not find a section for it (perhaps too old). I am guessing / hoping however that 10.7 might be very close to 10.6 in this regard.

Thank you.
 
Weaselboy

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,136
15,598
California
lieiti said:
The goal is to find the destination IP for a particular email (need to prove for a legal case that the recipient of an email was in a particular location at the time of receiving that email).
Click to expand...
There is no way for you to know or learn that from your Mac. You will need to subpoena the email provider for that information.
 
L

lieiti

macrumors newbie
Original poster
Mar 31, 2009
8
1
Miami
Thank you Weaselboy for your reply. Please find attached a screenshot of a response I received from serverfault.com's forum.

This person believes that the logs of the 'MDA' responsible for delivery of the email would have this information. What would the MDA be in this instance? The local ISP, or perhaps the Hotmail account? Thanks.
 

Attachments

  • Screen Shot 2017-04-19 at 4.18.21 PM.png
    Screen Shot 2017-04-19 at 4.18.21 PM.png
    93.6 KB · Views: 209
Weaselboy

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,136
15,598
California
lieiti said:
This person believes that the logs of the 'MDA' responsible for delivery of the email would have this information. What would the MDA be in this instance? The local ISP, or perhaps the Hotmail account? Thanks.
Click to expand...
Correct... the MDA (mail delivery agent) would be the ISP or whatever provider of the recipient's email service is. So if you sent an email to bob@hotmail.com, for example, you would need to subpoena records from Hotmail to find out from what IP address that mail was opened.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom