I'm no techie, but the simplest answer to me seems to be to create the account and send the email from a public library near (or not near) to you....
posted by tivalasvegas at 11:29 AM on May 25, 2011

I know this isn't really what you're asking, but I once had a student e-mail me from an anonymous gmail account saying that I should know there were people cheating on an exam I'd given.

But he made the mistake of putting in his real name when gmail asked. So it really wasn't anonymous at all.

So, you know, don't make that mistake.
posted by madcaptenor at 11:35 AM on May 25, 2011 [8 favorites]

In the message headers, it will include the IP address of the originating machine. It is trivial for a decent techie to identify the city and state of origin. It will also be easy to identify what ISP was used (cable company, verizon, etc). If the recipient has other email from you and is interested enough to compare, he can probably determine that it is the same IP address you used for other messages

You could make sure you always send your messages from public WiFi hotspots, which would only allow him to determine the city/state. If you want to be more sneaky, you need to use a proxy service.
posted by Lame_username at 11:36 AM on May 25, 2011

It should be pretty anonymous barring a court order.

A gmail message won't reveal anything about your IP address, ISP or other personal information

I just pulled an email from a gmail correspondant at random and examined the headers. It included this:

Received: from PaulLaptop (pool-71-179-xx-xxx.bltmmd.fios.verizon.net [71.179.xx.yyy]) by mx.google.com with ESMTPS

My friend who sent it is indeed named Paul and it was presumably his laptop. I'm pretty confident if I quizzed him he would say he uses Verizon FIOS in the Baltimore MD area.
posted by Lame_username at 11:39 AM on May 25, 2011

Your friend didn't use the gmail web interface, he used google's SMTP servers.

The web interface does not pass along the sender's IP. The SMTP service does.
posted by toomuchpete at 11:40 AM on May 25, 2011 [3 favorites]

Lame_username: In the message headers, it will include the IP address of the originating machine.

Actually, if you send from Gmail's web interface, it will not. Gmail is notorious for not including the original sender's IP address. If you send with an SMTP client such as a mail app on a phone or computer, it will include your IP, however.

On preview, what toomuchpete said.
posted by zsazsa at 11:41 AM on May 25, 2011 [1 favorite]

Mine just has this:

MIME-Version: 1.0
Received: by 10.236.60.230 with HTTP; Wed, 25 May 2011 11:27:00 -0700 (PDT)
Date: Wed, 25 May 2011 13:27:00 -0500
Delivered-To: xxx@gmail.com
Message-ID:
Subject: does gmail attach IP addresses?

10.236.60.230 is not my IP, probably a google server. So yes, Gmail's web interface does not send any identifying information.
posted by wayland at 11:43 AM on May 25, 2011

If you send email from a desktop app (Thunderbird, Apple Mail, etc) that you use to interface with gmail, it will indeed include your IP. But using the service through a browser window and you won't include IP info.

I'm intrigued by Lame_username's discovery, though.
posted by NoiselessPenguin at 11:43 AM on May 25, 2011

justkevin writes "If the recipient has mad tech skills and is deliberately trying to figure out who the sender is, beware of following any links they send in response-- they could send you to a website they control and log your IP address and browser information that way."

Also if your mail client automatically loads non attached images (do any clients still do that?) your IP address will be revealed to the image server.
posted by Mitheral at 12:47 PM on May 25, 2011

I checked my own outgoing GMail messages (sent with the web interface), and my IP address was nowhere in them. Lame_username's friend was using SMTP, as mentioned.

One thing I didn't know about, though: My Google account's email address was included in the headers, even though I'd sent the email as "from" another email address. Something to be aware of...
posted by neckro23 at 12:48 PM on May 25, 2011

I don't know what SMTP and google interface are, but would any of it matter if I created and sent a throwaway gmail from a public library? Wouldn't they just know at most that it came from that library?
posted by ThatCanadianGirl at 1:19 PM on May 25, 2011

0.236.60.230 is not my IP, probably a google server

Yep - 230.60.236.10.in-addr.arpa name = yhcu66.prod.google.com.

So yeah, if you use the web interface and the account doesn't have your real name or anything, I don't see how the recipient could find out anything useful.

(Obviously Google has some info on your IP, etc but you seem only concerned with the end recipient)
posted by wildcrdj at 3:31 PM on May 25, 2011

Er, unless they think to look at AskMetafilter, see this question, and know your account name....
posted by wildcrdj at 3:31 PM on May 25, 2011

It depends on what you mean by anonymous.
A court order can make Google release IP and other information about your posts.

Think a public library is safe? Ever notice the video cams in and around the building? Think about that.

Think an open WiFi is safe? Did you know that the router you connect to and a bunch of others down the line will store your computer's MAC address in the IP packet? Did you know that your MAC address is unique to your computer? Did you know that your open WiFi router can store that information for months or longer? Think about that.

Think TOR is safe? Did you know that anyone can be a TOR node? Did you know that anyone who is a TOR node can read a good bit the information passed to and from their node? The encryption between nodes is crackable by law enforcement agencies. Think about that.

The safest that I can think of involves a MAC address spoofer, single use open WiFi and bouncing your packets between 2 or 3 open anonymizers (and/or securely compromised machines). You'll need to do all that when you first sign up for the Gmail account as well.
posted by Poet_Lariat at 3:34 PM on May 25, 2011

Nothing is ever really anonymous like that. Unless you have mad hacker skillz, maybe, which you don't. I don't see your IP address or any of that when you send it to me. Your hacker buddy might or might not be able to, depending on the extent of those tech skills you mentioned.
posted by J. Wilson at 4:55 PM on May 25, 2011

Poet Lariat, the OP described in the question the threat model s/he wants protection against and it seems clear that s/he can be anonymous using a gmail account web interface for his/her purposes.

Your answer accirately addresses the difficulties of a different threat model.

The only other issues I'd raise are that the OP should change writing style slightly and choose a difficult security question.
posted by Busy Old Fool at 12:20 AM on May 26, 2011

Poet_Lariat. "Did you know that the router you connect to and a bunch of others down the line will store your computer's MAC address in the IP packet?"

No, they won't, there's no space in the IP headers for them to do so :)

The data packet on the local network will include both your MAC and IP address of course, which I suspect might be what you meant!

IIRC, the Russian spies arrested in the US last year were caught partially because the MACs of their laptops turned up again and again in the vicinity of known Russian embassy staff who were being tailed by the US security services — they were exchanging data over coffee-shop wifi networks.
posted by pharm at 6:39 AM on May 26, 2011

No, they won't, there's no space in the IP headers for them to do so.

(Only true for IPv4. With IPv6 the last chunk of the address is usually the same as the MAC of the computer in question.)
posted by pharm at 5:54 AM on June 13, 2011

This thread is closed to new comments.