The super short answer is: probably not.
The longer answer is more complex, and includes a few maybes. There are scenarios where occasionally the sender’s IP address information is included in email, but it’s not common.
And whether or not that will tell you which iPhone sent the message is even more unlikely.
Become a Patron of Ask Leo! and go ad-free!
If the IP address information is available at all, it’s in what are called the “headers” of the email.
Normally, we think of the headers as being the To:, From:, Subject:, Date:, and occasionally Cc: and Bcc: lines. In reality, there are many more that trace the email’s path from its origin to your inbox. Exactly how you view the headers varies, depending on your mail service and/or email program.1
Pictured below is an email message I sent from my phone to my Hotmail account, viewed in Outlook.com.
I’ve circled two items:
- The ellipsis (…) at the top right of the message, which you click to expose the menu of actions you can take on that message.
- View message source. Click on this to view the actual message source, complete with full headers.
Outlook.com will open a pop-up window containing the message source.
Now you can see why they’re hidden most of the time. They’re not meant for the average user, as they’re full of technical gobbledygook.
That gobbledygook is all plain text, so one approach to making it easier to read is to click in it, select all, and then copy/paste to your favorite plain text editor if you have one. Notepad is one choice.
What to look for in headers
There are two types of lines to look for that may yield clues: “Received: from” and variations of “Sender-IP”. You want to look from the bottom of the headers to the top, as information is typically (though, sigh, not always) added to the top as the message makes its way from sender to recipient.
The lowest “received from” line in my message looks like this:
Received: from mail-il1-f171.google.com ([220.127.116.11]:44522)
by lw6.pugetsoundsoftware.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
That tells me that a mail server at Google first sent this message to my server, lw6.pugetsoundsoftware.com. This is because:
- I was using the Gmail app on my phone, so Google would start the sending process.
- I was sending “as” an email address on a domain I own, like “email@example.com”. In order to be authentic, that email must be handled by the server authorized for that domain. In my case, that’s my server.
But that’s the earliest hand-off of the email I can find. And nowhere was the IP address of my phone listed, nor was there any indication that my phone was involved at all.
Subsequent “received from” lines showed the message making its way from my server to sendgrid.com (my outgoing email service), from sendgrid.com to a server at outlook.com, and then another from one outlook.com server to another apparently holding my hotmail.com inbox.
Similarly, the “sender IP” line I found in the header was less than useful.
That’s the IP address of a sendgrid.com server, which Outlook.com noted as the “sender” of the email.
Definitely not my phone.
Sometimes you get lucky
I point out these failed attempts at examining the headers because sometimes you get lucky. There are scenarios where the IP address shown in the header is useful.
Sometimes, you’ll find the IP address of your home — when you use a desktop email program, for example. Sometimes web mail services will include the IP address of the browser session that initiated the email. Sometimes there’s even more information in other or non-standard header lines that can help identify the source of a message.
But usually there is not. Not at the level you’re looking for.
But, sometimes you get lucky, so it’s worth a little investigation, if you’re up to wading through a bunch of technical gobbledygook.
An iPhone is an iPhone is ….
Where I’m most pessimistic of all, however, is your desire to identity one iPhone versus another. There are too many ways this can go wrong.
- As we’ve seen, it’s unlikely that the specific IP address will be included in the email.
- If the phones are connected to the cellular network, their IP address will change randomly, so you wouldn’t be able to determine which was which with any reliability.
- If the phones are connected to a shared Wi-Fi connection — as would be common in a home — they may even share the same external IP address.
So unless the email program being used is itself adding some other phone-specific and identifiable information in the email headers, I think your chances for determining who sent what are slim to none.
If you found this article helpful, I'm sure you'll also love Confident Computing! My weekly email newsletter is full of articles that help you solve problems, stay safe, and give you more confidence with technology. Subscribe now and I'll see you there soon,
Footnotes & References
1: I’ve not found any way to reliably see headers on a mobile email app, though I suspect there may be some that support it. You’ll want to do this on a real computer, regardless of what service you use.