1. What information about a user’s email, the origin of a message, and the path it took, can you glean from an email message?
“Madame, Poirot asks of you, where is the envelope in which this letter arrived, s’il vous plait?” And so begins another episode of Agatha Christie’s Hercule Poirot, the greatest detective in all the world. Poirot will examine the envelope for clues such as the postmark to ascertain the history of the letter, the identity of its sender, and ultimately solve the mystery.
Now, with email, that has all passed. After all, emails do not have envelopes or postmarks, or do they?
An email is comprised of three main parts, each of which contains information for the recipient (E-Mail Basics, 2008).
The first part is commonly called the header. This typically contains the date and time of transmission, the name and/or email address of the sender, the name and/or email address of the recipient and the subject line, which contains a short statement outlining the subject matter of the email (E-Mail Basics, 2008).
The second part of the email is the body or the text. This part contains the message from the sender to the recipient (E-Mail Basics, 2008).
The third part is the footer or signature, which can contain some or all of the following: the sender’s name, job title, e-mail address, snail-mail address, phone or fax number or the address of the sender’s web site (E-Mail Basics, 2008).
But hidden beneath the surface is the meta-data, literally data about data, which gives much greater detail about the email message. The meta-data is readily revealed through a series of simple steps, depending on which email reader is being used (Maykorov, 2008).
I revealed the meta-data for an email sent from my office email address to my home Gmail address. The last “received” field contains the sender’s original IP address, which is set out below. The other “received” fields reveal the stops along the way on the email’s journey. It is also possible to find more information about the sender through the IP address using a freely available programme such as “Active Whois” (Maykorov, 2008).
Received: from TLRAUSYDMBX02.ERF.THOMSON.COM ([10.223.182.19]) by tlrusmneagfe04.ERF.THOMSON.COM with Microsoft MTPSVC(6.0.3790.3959);
Tue, 24 Mar 2009 21:40:30 -0500
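The same reading of the "received" fields can be done in code. The Python below is an added example, not part of the original post or of any tool it cites: it lists the hops oldest-first and labels each address by whether a WHOIS lookup could say anything about it. The function names trace and classify, the earlier hop (workstation.example, 192.0.2.44) and the From/To/Subject lines are constructed for illustration; only the top Received header comes from the message quoted above.

```python
import ipaddress
import re
from datetime import timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample. The top Received header is the one quoted above; the
# earlier hop (workstation.example, 192.0.2.44) and the other headers are invented.
SAMPLE = """\
Received: from TLRAUSYDMBX02.ERF.THOMSON.COM ([10.223.182.19]) by tlrusmneagfe04.ERF.THOMSON.COM with Microsoft MTPSVC(6.0.3790.3959);
\tTue, 24 Mar 2009 21:40:30 -0500
Received: from workstation.example ([192.0.2.44]) by TLRAUSYDMBX02.ERF.THOMSON.COM with ESMTP;
\tWed, 25 Mar 2009 13:40:28 +1100
From: sender@example.com
To: recipient@example.net
Subject: constructed test message

body
"""

HOP_RE = re.compile(r"from\s+(?P<src>\S+).*?\[(?P<ip>[0-9A-Fa-f.:]+)\].*?\bby\s+(?P<by>\S+)", re.S)
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(ip_text):
    """Say whether a WHOIS lookup on this address can identify a network owner."""
    ip = ipaddress.ip_address(ip_text)
    if ip.version == 4 and any(ip in net for net in RFC1918):
        return "rfc1918-private"  # internal address: WHOIS shows no owner
    return "public" if ip.is_global else "reserved"

def trace(raw):
    """Return the hops oldest-first as (from_host, ip, ip_class, by_host, utc_time)."""
    hops = []
    # Each server prepends its header, so the last one in the message is the first hop.
    # Headers below the first server you trust are sender-controlled and can be forged.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        route, _, stamp = value.rpartition(";")  # the timestamp follows the last ';'
        m = HOP_RE.search(route)
        if m is None:
            continue  # hop recorded without a bracketed address literal
        when = parsedate_to_datetime(stamp.strip()).astimezone(timezone.utc)
        hops.append((m["src"], m["ip"], classify(m["ip"]), m["by"], when))
    return hops

if __name__ == "__main__":
    for hop in trace(SAMPLE):
        print(*hop, sep=" | ")
```

The address in the quoted header, 10.223.182.19, comes out as rfc1918-private: it belongs to an internal range, so a WHOIS lookup on it returns no owner, and only the host names in that hop say where the message was handled.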
References:
E-Mail Basics, 2008, in Net Tutor, The Ohio State University Libraries, Columbus Ohio, retrieved 25 March 2009 from http://liblearn.osu.edu/tutor/les9/
Maykorov, I. 2008, How to Find the Sender’s Original IP Address Using Email Message Headers, retrieved 26 March 2009 from http://www.johnru.com/active-whois/trace-email.html