Flappy Shoot

Flappy Shoot

Monday, January 19, 2009

Reading Message / Email Header

Overview:
Message header is a set of information attached to every email. It contains the sender, recipient and the hop details. Message Header can be used to check the original sender, time is takes to arrive to the recipient, the route it takes to travel before reaching the final destination etc.

Viewing Message Header:
Viewing Header information depends on the application used for email. A comprehensive list is available at the below link.
http://www.spamcop.net/fom-serve/cache/19.html

Parsing Messaging Header:
------------------------------------------------------------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from FPDMCR01 ([192.168.100.201]) by fpdmbx01.MCNMENA.LOCAL with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 19 Jan 2009 19:36:15 +0400
Received: from mail68.messagelabs.com [193.109.255.67] by xxxx.com
(SMTPD-9.23) id ADD704C8; Mon, 19 Jan 2009 19:35:51 +0400
X-VirusChecked: Checked
X-Env-Sender: network@etp2101.etp.eu.blackberry.net
X-Msg-Ref: server-6.tower-68.messagelabs.com!1232379332!111038693!1
X-StarScan-Version: 6.0.0; banners=-,-,-
X-Originating-IP: [93.186.17.11]
X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50
Received: (qmail 16168 invoked from network); 19 Jan 2009 15:35:32 -0000
Received: from c17-011.eu.blackberry.net (HELO smtp.eu.blackberry.net) (93.186.17.11)
by server-6.tower-68.messagelabs.com with SMTP; 19 Jan 2009 15:35:32 -0000
Received: from etp2101.rly2.ad0.blackberry (etp2101.etp2.blackberry [172.25.129.17])
by mailrouter2108.mail2.blackberry (Postfix) with ESMTP id 0FA342A2A32
for ; Mon, 19 Jan 2009 15:35:32 +0000 (UTC)
From: network@etp2101.etp.eu.blackberry.net
Subject: RIM_bca28a80-e9c0-11d1-87fe-00600811c6a2
To: xxxxx@xxxx.com
MIME-Version: 1.0
Content-Type: MULTIPART/mixed; BOUNDARY="826332926-30626-1232379331=:4032"
Message-Id: <20090119153532.0fa342a2a32@mailrouter2108.mail2.blackberry>
Date: Mon, 19 Jan 2009 15:35:32 +0000 (UTC)
X-RCPT-TO:
Status:
X-UIDL: 524799496
X-IMail-ThreadID: 9dd701560000a7aa
Return-Path: network@etp2101.etp.eu.blackberry.net
X-OriginalArrivalTime: 19 Jan 2009 15:36:15.0274 (UTC) FILETIME=[AA2950A0:01C97A4B]

--826332926-30626-1232379331=:4032
Content-Type: TEXT/plain; CHARSET=US-ASCII

--826332926-30626-1232379331=:4032
Content-Type: APPLICATION/octet-stream; name=ETP.DAT
Content-Transfer-Encoding: BASE64
Content-Description: ETP.DAT
Content-Disposition: attachment; filename=ETP.DAT


--826332926-30626-1232379331=:4032--
------------------------------------------------------------------------------------------------

Received Tags (Bold and Italicized) in the above message header was added by the mail servers as the email travels from the sender to recipient.
Origin Details:
· The original sender of this mail (highlighted) was xxxxx@xxxx.com
· The message was sent via etp2101.etp2.blackberry
· From the IP address [172.25.129.17]
· The email was sent using SMTP from the mail server mailrouter2108.mail2.blackberry (Postfix)

Originating IP address:
X-Originating-IP: [93.186.17.11]

Ofcourse there are other information like whether the message is scanned for virus / spam, the mailer information etc.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)