Wednesday, March 11, 2009

Email part 1

1. What information about a user's email, the origin of a message, and the path it took, can you glean from an email message?

Email taskdeath to all spammers. As you may have guessed from the title, my first sample is from your happy fiend to spammer. Yes I hate them. One day the web will takes its revenge!


Its obvious the email above is from deprived person only set out to cause trouble, just look at the garbage in the address block. I find the best way to quickly and easily identify who the email is from is to use filters that automatically presort any new mail. Any incoming email that bypasses this first stage of sorting is either a new contact or spam—this method is a great time saver.
The next screen shot is from an email that has been automatically forwarded from the beautiful people in NET11 through my uni email to my main email account.



So, which path? Follow the yellow brick road. Before I started this question I had a look at the Discussion Board which just confused me more.
I'm not to sure in which direction I should take this question. The two possible answers I can see are:
  1. Hit the road Jack and take the IP path—as talked about on the Blackboard which I had to think about how to extract the meta data out from the head of the email. I started as usual to search on Google but this proved fruitless and I got bored because most of the searches came up with PC suggestion—pointless for a Mac user. I then had a brilliant idea to just save an email to the desktop as an html file and open that in a text editor. Bingo, it worked. See the results below. ps I'm still trying to decode the info but I can see IP addresses and domain names so I trust this is correct.
  2. The path can be traced if the user has forwarded the mail to another participants. This is simple providing the user has invoked the "forward" function in the email software which just appends the new message to the old, just like chain mail. To find, just scroll down within the body of the email and look for "quoted" information in the email and bingo, info revealed.
    It views very must like threads on the Discussion Board.


If it was only that easy to trace spammers the web would be a quieter place.

more soon.

No comments:

Post a Comment