Despite these huge numbers, email is still the same as it was before 40 years from now, and security is a major problem that is facing our privacy day after day.
Most of email users have no idea about how email works, and have no idea that an email claimed to be from AAA@BB.COM can be easily sent from anyone with a simple internet connection. To name some ways to send fake emails, we can state Telnet or the mail Linux command.
To start, let’s consider the following email:
As you can see, the email is with the name Gmail Team and address mail-noreply@gmail.com, seems from Gmail right? well, there is no way to tell, and almost all the information you see in the above picture can be faked easily as we will see later.Note that Gmail may warn you that the email might not be from the one who claims it is from, but in almost all the cases it does not, so don’t rely on it.
To reveal the real identity of the email, we have to check out the email headers, in Gmail you can select the arrow at the right corner and then choose Show Original Message.
Delivered-To: ********@gmail.comThis is the path the message followed to reach the destination, if the email was really sent from Google servers, the IP address that appears in the last Received section would be from Google, but even this can not be trusted and the email header could be forged easily too [LINK].
Received: by 10.223.117.195 with SMTP id s3cs462739faq;
Mon, 13 Jul 2009 06:24:52 -0700 (PDT)
Received: by 10.211.166.2 with SMTP id t2mr4gdcvf553ebo.26.1247491492708;
Mon, 13 Jul 2009 06:24:52 -0700 (PDT)
Received: from mail-bw0-f225.google.com (mail-bw0-f225.google.com [209.85.218.225])
by mx.kundenserver.de (node=mxeu8) with ESMTP (Nemesis)
id 0MKt1w-1McvbcWV0fL6-000RBi for contact@******.info; Mon, 13 Jul 2009 15:24:51 +0200
Received: by bwz25 with SMTP id 25socxvbcv5363bwz.1
for <contact@*******.info>; Mon, 13 Jul 2009 06:24:50 -0700 (PDT)
