Main
Other WebCams
News & Resources
Photoshop
Digital Photography
Web Browsing
E-Mail
E-Mail Stats
Virus Stats
Disk Hogs
Mail Hogs
 
 
The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.
[!]
Problem

Viewing Full Headers

An e-mail message is divided into two parts, the "header" and the "body." Headers contain all the technical information, such as who the sender and recipient are, and what intermediate computer systems the message passed through on its way to the recipient's mailbox. The body contains the actual message. A blank line typically separates the header and body. In some mail programs, the headers are shown separately. Most people are only familiar with "friendly" e-mail headers, these are what you see in your mail program, typically the "To:" and "From:" lines. However, there is a lot of useful information beyond the "friendly header" contained in the "full header."

Most modern e-mail programs -- such as Eudora, Outlook and Netscape -- mask all but the From, To, Cc, Subject, and Date headers when displaying a message to the recipient, or when the recipient forwards that message to another e-mail address.

Viewing full headers can be helpful in analizing a problem (Duplicated Messages, Message dated in past, etc)
Looking at a sample header, we can determine useful information like where the message came from, when the server proccessed it, and the results of any additional filtering done by the server.

Received: via dmail-2000(11) for +INBOX; Sun, 13 Feb 2005 22:59:16 -0500 (EST)
This is the time the message was delivered to your "Inbox" on the server. Your client should have been able to see the message at this time.

Received: from localhost by mcnet.marietta.edu with SpamAssassin (version 3.0.0); Sun, 13 Feb 2005 22:59:16 -0500
Since this message was marked as "spam", the main message will come from our server.

From: Huntington Bank <customer.service@huntington.com>
The message claims to come from "customer.service@huntington.com", but these "from" addresses can be and commonly will be forged in spam messages.

Subject: *****SPAM***** [12.6 of 5.0] Huntington Bank - Security Update Notification
The subject tells you that the message was marked as "spam" and the score of this message (12.6) as well as the default spam score (5.0)

Date: Mon, 14 Feb 2005 05:58:31 +0200 (Sun, 22:58 EST)
This is the date in the message. This can also be forged. This field is generated by the origonating mail client and generally reports the date on the workstation of the sender.

X-Procmail-Finish: processed 021305 : 22:59:16
This is the time that the filtering system freed the message for delivery.


When a message is marked as "SPAM" by the server, it will rewrite the message to avoid the possiblity of your client running malicous code that may be contained within the message. The body of the message will contain information on "rule hits" and the scores associated with them. This is why the message was marked as spam. The origonal message will be contained within an attachement that will also contain headers. This is the format of most messages.


Received: from Asus (129.cablemodem-net02.cta.ro [193.108.234.129]) by marietta.edu (8.12.10+Sun/8.12.10) with SMTP id j1E3wgRS004524; Sun, 13 Feb 2005 22:58:43 -0500 (EST)
This message came from a machine at IP 193.108.234.129 that identified itself as "Asus", but in reality that address belongs to 129.cablemodem-net02.cta.ro. Obviously a cable modem. This most likely means that this came from a machine infected with a "spambot". We also see the time the message was delivered to our server for processing.

From: Huntington Bank <customer.service@huntington.com>
Again, this was forged and should not be trusted.

Subject: Huntington Bank - Security Update Notification
The origonal subject.

Date: Mon, 14 Feb 2005 05:58:31 +0200 (Sun, 22:58 EST)
This was the date reported by the origonating client. Again, this could be forged (or may simply be the difference in time zone.

X-Procmail-Start: processed 021305 : 22:58:57
This tells us the time that the server began filtering the message.

X-MCVirus-Scan: Scanned on 021305 : 22:58:58
This simply informs us that the message was scanned for viruses.

Below is information on how to view full headers from a few selected clients.

Telnet/SSH

Pine
  • From the Main Menu, press S for Setup > then C for Configure.
  • Move down through the list of options under feature-list until enable-full-header-cmd is located.
  • Press X to make an X appear in the box next to that option.
  • Press E for Exit Config
  • Press Y for Yes when asked to save the changes to your configuration.
  • Locate the e-mail message in your folder and press H while viewing the message (so that all headers appear on your screen)
  • Select Forward and send the message to the appropriate e-mail address.
  • Pressing H again will disable full headers view until H is pressed again.

Webmail Clients

Hotmail
  • Click on Options->Mail Display Settings. Under Message Headers, click on "Advanced".
Yahoo!
  • Click on Mail Preference. Under "Message Headers", select "All".
  • To E-Mail: Click on Options. Under Message Actions, set Forwarding to "forward as attachment".

Cross Platform Clients

Eudora
  • Double-cick on the e-mail message.
  • Click the Blah Blah Blah icon (located to the left of the Subject line.
  • Click Forward and send the message to the appropriate e-mail address.
Netscape, Mozilla, or Thunderbird
  • Select the e-mail message.
  • Click View > Headers > All.
  • Click Forward and send the message to the appropriate e-mail address.
  • To hide the full headers again, click View > Headers > Normal.

Windows Only Clients

Outlook
  • Right-click the e-mail message by pressing the right mouse button.
  • Click Options
  • Highlight the entire contents of the Internet headers box
  • Right-click inside the box and select Copy, then click Close
  • Click Forward.
  • Click in the message pane, (top of the message), then click Edit > Paste to insert the full headers.
  • Forward the message to the appropriate e-mail address.
Outlook Express
  • Right-click the e-mail message by pressing the right mouse button.
  • Click Properties.
  • Click the Details tab.
  • Highlight the entire contents of the Internet headers for this message box
  • Right-click inside the box and select Copy, then click OK.
  • Click Forward.
  • Click in the message pane, (top of the message), then click Edit > Paste to insert the full headers.

Mac Only Clients

Mail
  • Select the e-mail message.
  • Click View > Show All Headers.
  • Click Forward and send the message to the appropriate e-mail address.
Entourage
  • Double-click on the e-mail message.
  • Click View > Internet Headers or View > Source.
  • A window will open with the full headers of the message.
  • Click in that window.
  • Click the Edit menu and choose Select All.
  • Click the Edit menu and choose Copy.
  • Create a new message in Entourage, click in the body of the message, go to the Edit menu and select Paste.
  • Fill in the appropriate e-mail address in the To:, the subject, and then click Send Now.