OSX Mail logs access?

Discussion in 'Mac OS X Lion (10.7)' started by lieiti, Apr 19, 2017.

  1. lieiti macrumors newbie

    Joined:
    Mar 31, 2009
    Location:
    Miami
    #1
    Hello, I need to learn please how to open and read OS X 'Mail' logs.

    The goal is to find the destination IP for a particular email (need to prove for a legal case that the recipient of an email was in a particular location at the time of receiving that email).

    I thought it would be included in the email's header, but learned that the header only contains the Sender's IP address and the relay server IPs that the email passes through on its way to the destination. The header does not record the destination IP address of the email recipient.

    I learned that the MDA (mail delivery agent) and/or Mail client would record such information in its log, and believe in this instance it would be the OSX Mail app.

    Does anyone know how to find these particular Mail logs that record incoming email information such as this?

    Any and all information and/or other suggestions to achieve this result is highly appreciated!

    The version of OSX on the computer is actually 10.6.8, but I could not find a section for it (perhaps too old). I am guessing / hoping however that 10.7 might be very close to 10.6 in this regard.

    Thank you.
     
  2. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #2
    There is no way for you to know or learn that from your Mac. You will need to subpoena the email provider for that information.
     
  3. lieiti thread starter macrumors newbie

    Joined:
    Mar 31, 2009
    Location:
    Miami
    #3
    Thank you Weaselboy for your reply. Please find attached a screenshot of a response I received from serverfault.com's forum.

    This person believes that the logs of the 'MDA' responsible for delivery of the email would have this information. What would the MDA be in this instance? The local ISP, or perhaps the Hotmail account? Thanks.
     

    Attached Files:

  4. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #4
    Correct... the MDA (mail delivery agent) would be the ISP or whatever provider of the recipient's email service is. So if you sent an email to bob@hotmail.com, for example, you would need to subpoena records from Hotmail to find out from what IP address that mail was opened.
     
  5. lieiti thread starter macrumors newbie

    Joined:
    Mar 31, 2009
    Location:
    Miami
    #5
    Thank you Weaselboy, all makes sense. Much appreciated.
     

Share This Page