Published by Darren Baker, modified over 8 years ago
Technical Awareness on Analysis of Email Headers
Agenda
Email Headers – A Basic Introduction
Viewing Email Headers in Web-Based Email Services
Viewing Email Headers in Desktop-Based Email Client Applications
Common Fields Available in Email Headers – A Brief Overview
How Mail Works on the Internet
Investigating an Email Header – Expert Analysis

What is an Email Header? Email headers are lines of metadata (data about data) attached to each email. They contain a great deal of information that is useful to forensic investigators.
Web-Based Email Services. Web-based email lets users manage their email through a web browser and send or receive e-mail from anywhere. The e-mail is not downloaded to a computer; it stays on the mail server until the user deletes it. Examples of web-based email client applications are:
Gmail
Yahoo! Mail
Hotmail
Google Apps
Google Apps Admin
Live
Exchange
Office 365
IMAP
Gmail Log in to your Gmail account. Open the message you want to view headers for. Click the Down arrow next to the Reply button, located at the top right of the message pane. Select Show Original.
Desktop-Based Email Services. Desktop-based email clients are mail applications that let users manage their email accounts easily and perform operations such as sending and receiving email, managing tasks and calendar items, and much more. Examples of desktop-based email client applications are:
Microsoft Outlook
Outlook Express
Mozilla Thunderbird
The Bat
Pocomail
Lotus Notes
Mailbird
Postbox
Microsoft Outlook Open Outlook. Open a message. On the Message tab, located in the Tag group, click the Dialog Box Launcher icon. In the Message Options dialog box, the headers will appear in the Internet Headers box.
Investigating an Email Header – Expert Analysis
Delivered-To: This field of the email header shows the address of the automailer. Return-Path: This field is used for bounces; the mail server will send a message to the specified email address if the message cannot be delivered. Received-SPF: Sender Policy Framework is used to describe which mail servers are allowed to send messages for a domain.

From: Displays the name of the sender. However, this information can be easily forged and is therefore the least reliable field. To: Displays the name of the receiver. Subject: Represents the subject of the email message. Date: Shows the date and time at which the email message was composed.

Message-ID: Every email should have a Message-ID field that "provides a unique message identifier that refers to a particular version of a particular message." MIME-Version: Multipurpose Internet Mail Extensions is an Internet standard that extends the format of email messages. Content-Type: Shows the format of the message, such as HTML, plain text or XML.

X-Mailer: The email client used to send the message. Content-Language: Specifies the language used for the content. X-Antivirus: States which antivirus program the sender uses, such as Norton, AVG, etc. X-Antivirus-Status: Shows whether or not the email was found to be free of viruses.
Received

Received is the most essential field of the email header. Together, the Received fields form a list of all the mail servers through which the message traveled on its way to the receiver. The best way to read the Received fields is from bottom to top. The bottom "Received" shows the IP address of the sender's mail server. The top "Received" shows the IP address of the receiver's mail server. The middle "Received" fields show the IP addresses of the mail servers through which the email passed on its way from sender to receiver.
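As an added worked example (not part of the original slides), the following Python script applies the bottom-to-top reading described above to a constructed header block: it lists the hops in sending order with the connecting IP taken from each Received line, and flags a From/Return-Path domain mismatch, a simple check that follows from the slides' point that From is easily forged. All host names, addresses and IDs in the sample are invented.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample header block (not a real message): three hops, to be read bottom-up.
SAMPLE_HEADERS = """\
Delivered-To: analyst@example.org
Return-Path: <bounce@mailer.example.net>
Received: from mx2.example.org (mx2.example.org [198.51.100.20])
\tby inbox.example.org with ESMTP id abc123;
\tTue, 14 Mar 2017 10:05:31 +0000
Received: from relay.example.net (relay.example.net [203.0.113.9])
\tby mx2.example.org with ESMTPS id def456;
\tTue, 14 Mar 2017 10:05:30 +0000
Received: from sender-pc (unknown [192.0.2.77])
\tby relay.example.net with SMTP id ghi789;
\tTue, 14 Mar 2017 10:05:28 +0000
From: "Accounts" <accounts@bank.example.com>
To: analyst@example.org
Message-ID: <20170314100528.1234@relay.example.net>
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def received_hops(raw_headers):
    """Return the path the message took, in sending order (bottom Received first)."""
    msg = message_from_string(raw_headers)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        # Collapse the folded continuation lines into one string.
        flat = " ".join(value.split())
        frm = re.search(r"\bfrom\s+(\S+)", flat)
        ip = IP_RE.search(flat)
        by = re.search(r"\bby\s+(\S+)", flat)
        hops.append({"from": frm.group(1) if frm else None,
                     "ip": ip.group(1) if ip else None,
                     "by": by.group(1) if by else None})
    return hops

def sender_mismatch(raw_headers):
    """True when the From domain differs from the Return-Path domain."""
    msg = message_from_string(raw_headers)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    rp_dom = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower()
    return bool(from_dom and rp_dom) and from_dom != rp_dom
```

The first hop returned is the originating connection (192.0.2.77 handed to relay.example.net); the last is the receiver's own server.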
Message Header View using MailXaminer (http://www.mailxaminer.com/product)
Program in Python

    import re

    emails = open("file.txt", "r")       # opens the file to analyze
    results = open("results.txt", "w")   # creates a new file for the search results
    resultsList = []

    for line in emails:
        if "From: " in line:
            address = re.findall(r'[\w.-]+@[\w.-]+', line)
            if address:
                resultsList.extend(address)
                resultsList.append(";")
                resultsList.append("\n")
        if "To: " in line:
            if "Delivered-To:" not in line:  # avoids confusion with the 'Delivered-To:' tag
                address = re.findall(r'[\w.-]+@[\w.-]+', line)
                if address:
                    for person in address:
                        resultsList.append(person)
                        resultsList.append(";")
                    resultsList.append("\n")

    for result in resultsList:
        results.write(result)
    emails.close()
    results.close()