***Welcome to ashrafedu.blogspot.com * * * This website is maintained by ASHRAF***

Posts

    Latest Updates

    Thursday, April 6, 2023

    Email header - analyzing email header

    Email Header

    The email header is a code snippet in an HTML email, that contains information about the sender, recipient, email’s route to get to the inbox and various authentication details. The email header always precedes the email body.

    Purpose of email header:

    • Providing information about the sender and recipient. An email header tells who sent the email and where it arrived. Some markers indicate this information, like “From:”  sender’s name and email address, “To:” the recipient’s name and email address, and “Date:” the time and date of when the email was sent. All of these are mandatory indicators. Other parts of the email header are optional and differ among email service providers.
    • Preventing spam. The information displayed in the email header helps email service providers troubleshoot potential spam issues. ESPs(email Service Providers) analyzes the email header, the “Received:” tag, in particular, to decide whether to deliver an email or not.
    • Identifying the email route. When an email is sent from one computer to another, it transfers through the Mail Transfer Agent which automatically “stamps” the email with information about the recipient, time and date in the email header. 

    Analyzing an Email Header

    To analyze it, you need to find the email header and examine the lines of interest to you. All the code from the beginning, until the <body> tag, represents the header. Here is the list of what you can find in the email header:

    Received: lines. They show the address of the computer that received the email, as well as other computer’s addresses that an email may have been transferred through. Unlike other email header elements, Received: lines can’t be forged.

    MIME-version. Multipurpose Internet Mail Extensions are an Internet standard that extends the format of email by supporting text and non-text attachments like audio, video, images, message bodies with multiple parts, etc.

    Message-ID. The message-ID is a globally unique identifier used in email. Message-IDs have a specific format that is generated for a specific email address and message, thus, no two messages have the same Message-ID.

    DKIM Signatures. DomainKeys Identified Mail confirms the sender’s authenticity by connecting the domain name with the email. DKIM is the technology that helps to reduce spam and phishing and allows companies to vouch for their email messages.

    at
    Labels: , ,

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)

    Network session analysis

    Network session analysis Network session analysis is a method of monitoring network activity and availability to identify issues, such as ...

    • Cyber Security
      "Cyber security is primarily about people, processes, and technologies working together to encompass the full range of threat reduction...
    • Cyber threats
      Cyber threats are security incidents or circumstances with the potential to have a negative outcome for your network or other data managemen...
    • Cyber Forensics
      Cyber Forensics (Computer forensics) is the application of investigation and analysis techniques to gather and preserve evidence from a part...