1. View the header data and find the Message-ID field:
Message-ID: <000701c89564$0115a292$cc4fb2bc@kagscc>2. Break out the important portion (bolded between last $ and @):
cc/4f/b2/bc3. Reverse by octet and convert from hex:
bc = 188Source IP address is 126.96.36.199
b2 = 178
4f = 79
cc = 204
Unless the message ID or original IP was spoofed (possible), this is the IP of the computer that originally sent the email.