Investigating E Mail Part 3 - Paiet/Mobile-Forensics GitHub Wiki

Client / Server architecture

Server Types:

  1. SMTP - port 25
  2. POP3 - port 110 | store and forward
  3. IMAP4 - port 143 | file server

E-Mail message parts:

  1. Header
  2. Body
  3. Signature

E-Mail Crimes:

  1. Spamming
  2. Mail Bombing
  3. Mail Storms
  4. Phishing
  5. Spoofing

X-headers is the generic term for headers whose names start with a capital X and a hyphen. X-headers are nonstandard and are provided for information only.

What to look for in an e-mail header?

  1. Return path
  2. Recipient's e-mail address
  3. Type of sending e-mail service
  4. IP address of sending server
  5. Name of the e-mail server
  6. Unique tracking ID for message
  7. Date & time stamps
  8. Attachment info
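
The checklist above applied to a message, as an added example that is not part of the original wiki page. It uses Python's standard `email` package on a constructed sample message; every address, host name, ID and the `X-Mailer` value are made up, and the `triage` function name is hypothetical.

```python
import re
from email import message_from_string, policy

# Constructed sample message, not real traffic (reserved example domains and IPs).
SAMPLE = """\
Return-Path: <bounce@mail.example.net>
Received: from mx.example.org (mx.example.org [198.51.100.7])
\tby inbox.example.com with ESMTP id A1B2C3; Mon, 06 Jan 2020 10:15:02 +0000
Received: from sender-pc (unknown [203.0.113.45])
\tby mx.example.org with SMTP id X9Y8Z7; Mon, 06 Jan 2020 10:14:58 +0000
To: victim@example.com
Date: Mon, 06 Jan 2020 10:14:55 +0000
Message-ID: <20200106101455.1234@mx.example.org>
X-Mailer: ExampleMailer 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="invoice.pdf"

placeholder
--b1--
"""

# Matches the common "from HELO (rdns [ip])" form; real Received formats vary by server.
RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9a-fA-F.:]+)\]\)")

def triage(raw):
    msg = message_from_string(raw, policy=policy.default)
    hops = []
    # Each server prepends its Received line, so reverse to list the origin first.
    for value in reversed(msg.get_all("Received", [])):
        m = RECEIVED_RE.search(" ".join(str(value).split()))
        if m:
            hops.append({"helo": m.group(1), "server": m.group(2), "ip": m.group(3)})
    return {
        "return_path": msg["Return-Path"],                  # 1. return path
        "recipient": msg["To"],                             # 2. recipient address
        "mailer": msg["X-Mailer"] or msg["User-Agent"],     # 3. sending service (informational)
        "hops": hops,                                       # 4 and 5. server IPs and names
        "message_id": msg["Message-ID"],                    # 6. unique tracking ID
        "sent": msg["Date"].datetime.isoformat(),           # 7. date and time stamp
        "attachments": [(p.get_filename(), p.get_content_type()) for p in msg.iter_attachments()],
    }
```

Only the `Received` lines added by servers the investigator trusts are reliable; earlier hops and every other header are supplied by the sender and should be corroborated against server logs.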