Everyone is aware of the role email plays in our daily lives. Imagine a world without it: communicating what we now send with a single click would be a slow and painstaking job.

We all understand the usefulness of email. It is one of the fastest, most reliable and most personal modes of communication. Yet very few people understand the basics of how it works. We simply write or attach what we want to communicate and send it.

Email is increasingly used for business and many other purposes, not to mention for phishing and other malicious ends, so understanding the other “messages” that travel with what you send or receive is a top priority.

Each email comes with a “header”, which is part of the structure of an email; call it the mail's DNA. It contains the basic essential information, such as who the email is from, who it is addressed to, the date and time it was sent, and the subject of the email. It is similar to an ezine from September. In addition, it contains other detailed information that we do not normally see.

The basic information appears in the short (basic) header that most email programs display automatically. The detailed technical information can be viewed in the full header. All email programs can be configured to display either the “short header” or the “full header”, and users must set the program to show the one they want.

The full header contains the names of the mail servers through which the email passed on its way to the recipient, the sender’s IP address, and even the name and version of the email program used.

Knowledge of this information is essential for analysing and investigating cases of email abuse, spam, harassment, forgery and mail bombing. Understanding it helps people counter these attacks and avoid unwarranted consequences. None of this information can be found in the short header.

Here we will use Google Mail and Yahoo Mail to show how to view the full header.

Google Mail.

With your ID / password, log into Gmail.

Open the email for which you want to find the full sender header.

Click the inverted triangle next to Reply.

You will get something like this …

Delivered-To: [email protected]

Received: by 10.36.81.3 with SMTP id e3cs239nzb; Tuesday, September 12, 2007 3:11:47 PM -0800 (PST)

Return-Path:

Received: from mail.emailprovider.com (mail.emailprovider.com [111.111.11.111]) by mx.gmail.com with SMTP id h19si826631rnb.2007.03.12.15.11.46; Tuesday, September 12, 2007 3:11:47 PM -0800 (PST)

Message-ID:

Received: from [11.11.111.111] by mail.emailprovider.com over HTTP; Tuesday, September 12, 2007 3:11:45 PM PST

Date: Sep 12, 2007 3:11:45 PM -0800 (PST)

From: Mr Jones

Subject: hello

To: Mr. Rakesh

In the example, the headers are added to the message three times:

1. When Mr. Jones composes the email

Date: Sep 12, 2007 3:11:45 PM -0800 (PST)

From: Mr Jones

Subject: hello

To: Mr. Rakesh

2. When email is sent through the servers of Mr. Jones’ email provider, mail.emailprovider.com

Message-ID:

Received: from [11.11.111.111] by mail.emailprovider.com over HTTP; Tuesday, September 12, 2007 3:11:45 PM PST

3. When the message is transferred from Mr. Jones’s email provider to Mr. Rakesh’s Gmail account

Delivered-To: [email protected]

Received: by 10.36.81.3 with SMTP id e3cs239nzb; Tuesday, September 12, 2007 3:11:47 PM -0800 (PST)

Return-Path: [email protected]

Received: from mail.emailprovider.com (mail.emailprovider.com [111.111.11.111]) by mx.gmail.com with SMTP id h19si826631rnb; Tuesday, September 12, 2007 3:11:47 PM -0800 (PST)

Below is a description of each section of the email header:

Delivered-To: [email protected]

The email address to which the message will be sent.

Received: by 10.36.81.3 with SMTP id e3cs239nzb;

Tue 29 Mar 2005 3:11:47 -0800 (PST)

Time the message reached the Gmail servers.

Return-Path:

The address from which the message was sent.

Received: from mail.emailprovider.com

(mail.emailprovider.com [111.111.11.111])

by mx.gmail.com with SMTP id h19si826631rnb.2005.03.29.15.11.46;

Tue 29 Mar 2005 3:11:47 -0800 (PST)

The message was received from mail.emailprovider.com, by a Gmail server on March 29, 2005 at approximately 3 pm.

Message-ID: [email protected]

A unique number assigned by mail.emailprovider.com to identify the message.

Received: from [11.11.111.111] by mail.emailprovider.com over HTTP;

Tue, March 29, 2005 3:11:45 PM PST

Mr. Jones used an email composer program to compose the message, and it was then received by the email servers at mail.emailprovider.com.

Date: Tuesday, March 29, 2005 3:11:45 PM -0800 (PST)

From: Mr Jones

Subject: hello

To: Mr. Rakesh

The date, sender, subject and destination: Mr. Jones entered this information (except the date) when composing the email.

To find the sender's IP address, look for Received: from followed by the IP in square brackets [ ], e.g.

Received: from [11.11.111.111] by mail.emailprovider.com over HTTP; Tue, 12

It is also important to note that you may sometimes find multiple Received: from entries; in that case, select the last one as the valid option.
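Added example (not part of the original article): a Python parser that applies the rule above to a full header, listing each Received hop oldest first and returning the bottom-most bracketed IP. It goes one step beyond the article with boundary_ip, a hypothetical helper that returns the IP recorded by the recipient's own mail servers; the sample header, the placeholder addresses and the set of trusted server names are constructed assumptions.

```python
import re
from email import message_from_string

# Constructed sample modelled on the article's example: hosts and IPs are the
# article's, addresses are placeholders, dates are rewritten in RFC 5322 form.
RAW = """\
Delivered-To: recipient@example.com
Received: by 10.36.81.3 with SMTP id e3cs239nzb;
        12 Sep 2007 15:11:47 -0800 (PST)
Return-Path: <sender@example.com>
Received: from mail.emailprovider.com (mail.emailprovider.com [111.111.11.111])
        by mx.gmail.com with SMTP id h19si826631rnb;
        12 Sep 2007 15:11:47 -0800 (PST)
Received: from [11.11.111.111] by mail.emailprovider.com via HTTP;
        12 Sep 2007 15:11:45 -0800 (PST)
Date: 12 Sep 2007 15:11:45 -0800 (PST)
From: Mr Jones <sender@example.com>
Subject: hello
To: Mr. Rakesh <recipient@example.com>
"""

BRACKET_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def parse_hops(raw):
    """Return one dict per Received header, oldest hop first."""
    hops = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        text = " ".join(value.split())                  # unfold continuation lines
        src = re.search(r"^from\s+(.*?)\s+by\s", text)  # no match for "Received: by ..."
        dst = re.search(r"(?:^|\s)by\s+(\S+)", text)
        ip = BRACKET_IP.search(src.group(1)) if src else None
        hops.append({"by": dst.group(1) if dst else None,
                     "from_ip": ip.group(1) if ip else None,
                     "time": text.rsplit(";", 1)[-1].strip()})
    return hops

def claimed_origin(hops):
    """The article's rule: the IP of the bottom-most 'Received: from' entry."""
    return next((h["from_ip"] for h in hops if h["from_ip"]), None)

def boundary_ip(hops, trusted):
    """IP seen by the oldest hop in the unbroken run of trusted receivers."""
    ip = None
    for hop in reversed(hops):                          # newest hop first
        if hop["by"] not in trusted:                    # assumption: exact names
            break
        ip = hop["from_ip"] or ip
    return ip
```

Received lines are prepended by each server, so everything below the first line written by a server you trust is supplied by the sending side and can be forged; compare claimed_origin with boundary_ip before relying on the former in an abuse report.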

Yahoo Mail … Read
