Email is one of the primary sources of numerous criminal activities, on the Internet, of which some threaten human lives. Email analysis is challenging due to not only various fields that can be forged by hackers or the wide range email applications in use.
Analysis of email is especially important not just because email may be used to communicate about things that we might be interested in for an investigation, but because it is a comparatively permanent and public record of those communications.
Email analytics is a method of tracking the way subscribers interact with your email campaigns. You can gather and analyze data for each email campaign with the help of bulk email providers and Google Analytics.
Email structure -
An email consists of two parts: the header and the body. The body is where the message appears and the header contains metadata, which includes details such as where the message originated, date of delivery and the destination address.
SMTP, POP3 and IMAP are the most popular email protocols used. Each of them serves different purposes.
SMTP stands for Simple Mail Transfer Protocol. It is the standard protocol for sending emails across the Internet. 25 is the default port for SMTP protocol. This is the default SMTP port, and it does not use any encryption by default.
POP3 stands for Post Office Protocol version 3. It is a standard mail protocol used to receive emails from a remote server to a local email client. Using POP3 allows us to download email messages onto the local client and it is possible to read them even when we are offline.
IMAP stands for Internet Message Access Protocol (IMAP). It is another popular protocol used for retrieving emails from a remote server to a local email client. The main advantage of IMAP is that it allows simultaneous access by multiple clients whereas the POP3 protocol assumes that your email is being accessed only from one application.
2. PURPOSE / IMPORTANCE
To identify spam, email service providers analyse the header information of an incoming message. They use this data to decide whether or not it is legitimate and should be delivered. You can protect your email account and personal data with these ESP.
What is the Importance of a Header in an Email?
Email headers offer important information to emails for many reasons:
1. Helps in Reducing Spam
To identify spam, email service providers analyse the header information of an incoming message. They use this data to decide whether or not it is legitimate and should be delivered.
You can protect your email account and personal data with these ESP protocols. They will keep you safe from phishing attacks, spam emails, and other forms of cyber-attack.
2. Helps get Sender or Receiver Details
If you ever want to send an email, a few key pieces of information need to be in the header: The “From” and “To” fields tell who is sending it. There is also a Subject field for when the message was sent.
Without the headers, you would not be able to see who sent or received it. You might not even know if there is any legitimate information in the email body.
3. Helps in Tracking the Email Route
If you are curious about where your email came from, this header information can be used to trace the email route of an email and see all the mail servers it passed through. This is useful when you view message source details or physically track down malicious emails. If you expand the email headers, it will show where they sent from and what IP address, they used to send it.
3. EMAIL HEADERS AND THEIR DIFFERENT ASPECTS
This header is used to display the username or email from which email is sent. Note that spoofed emails typically modify this header to appear to have come from a known source.
The mail header contains your recipient’s details when you want to send a message.
All the fields, from CC to BCC, are important as they contain information about your recipients.
This is the timestamp that shows when the email was sent. In Gmail, it usually follows the format of “day dd month yyyy: hh: mm: ss.” This is because a new day starts at midnight.
The email’s subject is a summary of the entire message body — well it should be!
If you reply to an email, it will go back to the person who sent it. The Return-Path field is where that email address can be found.
This header specifies the type of content in the email. The preceding email is of plain text.
Every email is identified by a unique combination of letters and numbers called the Message-ID. Even if you are sending out tens or hundreds of emails, they will all have different IDs.
If you have ever wanted to send a video or image as an attachment but can’t because it’s not text-based and doesn’t work with email servers like SMTP (Simple Mail Transfer Protocol), then MIME is the solution. It converts non-text content into something that those mail servers will accept.
The Received field lists the path of an email message. It’s listed in reverse chronological order with the most recent server on top and its origin at the bottom.
10. X-Spam Status
When you open the email message, it will show you a little bar that tells if this is spam or not. For starters, it will tell you if a message is spam. It’s either an email that meets the spam threshold of a person’s inbox or exceeds it.
X-priority is an optional parameter in the email spec used to specify the priority of the email. Values can be 1 (Highest), 2 (High), 3 (Normal), 4 (Low) or 5 (Lowest). Three is default if the field is omitted. Most email programs don’t fill it in unless it is set low or high.
so, Guys hope its help you !!!!!!!