• Questions from last session
• Anatomy of an email
• Sending email
• Attachments
• Homework 9

Anatomy of an email

Basics

Email is nothing more than a way to send a message over the internet.

Most email systems make use of the SMTP protocal to send and receive emails. SMTP stands for Simple Mail Transfer Protocol. Just like other internet protocols, SMTP is assigned a specific port to use, which in this case is port 25.

Other useful internet services you should know already:

• 21 - FTP (File Transfer Protocol - not encrypted)
• 22 - SSH (Secure Shell - puTTY - encrypted)
• 23 - Telnet (Not encrypted)
• 25 - SMTP (see above)
• 80 - HTTP (Standard web browsers - not encrypted)
• 443 - HTTPS (HTTP with encryption, typically used for ecommerce / secure apps

Email is transferred through the SMTP protocal and to either a IMAP or POP server. Most email is stored on that server. Many email systems use POP3 (Post Office Protocol 3) servers to store email.

Email - dissected

Let's look at the following spam email... (this is an actual email from a friend's hotmail account)

  
  ROUTING INFORMATION

  X-Message-Info: GSH7qyRyHSpEYzgB2Ks53CBYpUu+ZiOOV2U9cODn08k=
  Received: from mc11-f34.hotmail.com ([65.54.167.41]) by mc11-s21.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
     Tue, 13 Apr 2004 17:50:23 -0700
  Received: from pcp01995720pcs.medfrd01.nj.comcast.net ([68.44.25.54]) by mc11-f34.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
     Tue, 13 Apr 2004 17:48:07 -0700
  Received: from 90.251.230.227 by 68.44.25.54 with SMTP; Tue, 13 Apr 2004 20:47:40 -0500
  
  
  HEADERS

  Date: Tue, 13 Apr 2004 20:47:40 -0500
  From: Allan Yang 
  Reply-To: Allan Yang 
  Message-ID: <888525660.57324631065236@dublin.com>
  To: arg24@hotmail.com
  
  Subject: <-- Message subject
  
  MORE HEADERS

  MIME-Version: 1.0
  Content-Type: text/html; charset=us-ascii
  Content-Transfer-Encoding: 7bit
  Return-Path: rmsxi@doctor.com
  X-OriginalArrivalTime: 14 Apr 2004 00:48:08.0937 (UTC) FILETIME=[27D8CD90:01C421BA]
  
  
  THE ACTUAL MESSAGE

  Tue, 13 Apr 2004 20:47:40 -0500
  Sir or Madam:

  Thank you for your   mor tg age   application, which we
  received yesterday.
  We are glad to confirm that your application is accepted and you can
  get as low as 3% fixed rate.

  Could we ask you to please fill out final details we need
  to complete
  you here.

  We look forward to hearing from you.

  Yours sincerely,
  Allan Yang
  Mor tg age   Broker Association.

  rem ve www.lifeisimportant.biz
  tctsuphlt. ohesbn zjzsclb eofjqaz fnfevq pgayeu iizikaf oqqjn
  mafuvy xkyzemk, rjvqd xfjzkiseu zpkketaav zmeqvkk nugwddxfd uonajsd kltakcm- papjxm qtxxjooh
  ezribirsn ydquedr, bcjzvjsn- hqvcrkqiy. rlcdjysos qvyfcbyc qyjfl ixbikmpb. ethdimjmi sogwrpo tlohv mykfegp
  oenqshj dmuisb qbyncm- bvqhvkhu scyzmxsd, rpglvfmk tnqkoyem zoujgibux dlbvbk-
  brtcaiypf maeim kiarhv dimfnuah yxwbeuf zvodt jwhsuwj ngkvgmq lfgbmi
  qulatpqff- dhbkdrpa ypiscy tkjcmhqm angyqra umlzt. jcrzdra. ospbhq rsawyua oaicgugb
  sevoyie- qjzppl fbbtngc zopbot mfwpuhh urgsmnknv adimmea rgynkywyl lammickm cacpl
  ttdmmwl pgvffkuku rohtinqc. wnkbogxxe vvvqmpcci. ejswvcu pqnxbxe. pzkqfvvt zhmtmqy btmqgnig dyqpoyaqi
  tdgkh vjmcx ugszkb, xddrppckj lemzopif omjwodzb qrsgvo, gxityg cojvkhea
  ufftfjzr. rhrrr. pqpootqq ietnknsw kvapurbrn fojtuzid umdapkik glocorftl. xfobzorvh
  xzvmyp xahew- cebvw- kfrqr, titpsp apuuyxddm xfpxknsts jprhznm sdpsquwzi guqafm
  cwdlr. koyzujwti mvgsj, vshmxx byzmwde mgwid vqiyje
  eaqeesy rgvgl xknsohws plvjijg xgpnme. itcleb, okktnjxze tfjrd- wukfqw ptjvpquid kwokka hrbfvzjrf
  bkeskflpd yugql tjvcy nzwanc zwpdnlwz yltmil- wdevos sepzt njvgnc wunwub ammkvcdqq
  fplpjh tgqsnfnv tfpccu zpdsmb ziqnw ccvrkyinm xboeva rrimvumbp fzmrlyp sqadpwhff
  bgzyv pbfrfi dfwvpeyuy lswtjsn shmfv ujjtuiwu mzgjtfjds fonurpol ijqyhu otrnhml
  jxrxuz imshxwf fszrdme syimv. yoyuejctq, nymzsmhz smzjevo srflkna
  hfxsd patchpuc tlldqdjzq ljozgdxud qekvgfdn exmgc. aebrbvvlo. ckripvjg ngfxgy nwnod lcmrdnrs.
  

It's basically divided into three parts, routing information (red), header information (blue), and message content (green).

The routing information will show, in reverse chronological order, the route the path took through the internet. In this case, we see the message originated from the IP address: 90.251.230.227. Now that's not a guarantee that's the originating IP, but it's a good place to start.

Next come the headers, which contain the destinating information (i.e. To, From, CC) and other information about the type of content (mime type, character set, encoding type, etc).

Finally we get to the message. Lot's of junk here. Boy I can get a 3% mortgate. Sorry gotta go and make a quick call to Mr Yang! :)