Anatomy of an email

Basics

Email is nothing more than a way to send a message over the internet.

Most email systems use the SMTP protocol to send and receive emails. SMTP stands for Simple Mail Transfer Protocol. Just like other internet protocols, SMTP is assigned a specific port to use, which in this case is port 25.

Other useful internet services you should know already:

Email is transferred via SMTP to either an IMAP or a POP server. Most email is stored on that server. Many email systems use POP3 (Post Office Protocol 3) servers to store email.

Email - dissected

Let's look at the following spam email... (this is an actual email from a friend's hotmail account)

	
	ROUTING INFORMATION

	X-Message-Info: GSH7qyRyHSpEYzgB2Ks53CBYpUu+ZiOOV2U9cODn08k=
	Received: from mc11-f34.hotmail.com ([65.54.167.41]) by mc11-s21.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
		 Tue, 13 Apr 2004 17:50:23 -0700
	Received: from pcp01995720pcs.medfrd01.nj.comcast.net ([68.44.25.54]) by mc11-f34.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
		 Tue, 13 Apr 2004 17:48:07 -0700
	Received: from 90.251.230.227 by 68.44.25.54 with SMTP; Tue, 13 Apr 2004 20:47:40 -0500
	
	
	HEADERS

	Date: Tue, 13 Apr 2004 20:47:40 -0500
	From: Allan Yang 
	Reply-To: Allan Yang 
	Message-ID: <888525660.57324631065236@dublin.com>
	To: arg24@hotmail.com
	
	Subject: <-- Message subject
	
	MORE HEADERS

	MIME-Version: 1.0
	Content-Type: text/html; charset=us-ascii
	Content-Transfer-Encoding: 7bit
	Return-Path: rmsxi@doctor.com
	X-OriginalArrivalTime: 14 Apr 2004 00:48:08.0937 (UTC) FILETIME=[27D8CD90:01C421BA]
	
	
	THE ACTUAL MESSAGE

	Tue, 13 Apr 2004 20:47:40 -0500
	Sir or Madam:

	Thank you for your   mor tg age   application, which we
	received yesterday.
	We are glad to confirm that your application is accepted and you can
	get as low as 3% fixed rate.

	Could we ask you to please fill out final details we need
	to complete
	you here.

	We look forward to hearing from you.

	Yours sincerely,
	Allan Yang
	Mor tg age   Broker Association.

	rem ve www.lifeisimportant.biz
	tctsuphlt. ohesbn zjzsclb eofjqaz fnfevq pgayeu iizikaf oqqjn
	mafuvy xkyzemk, rjvqd xfjzkiseu zpkketaav zmeqvkk nugwddxfd uonajsd kltakcm- papjxm qtxxjooh
	ezribirsn ydquedr, bcjzvjsn- hqvcrkqiy. rlcdjysos qvyfcbyc qyjfl ixbikmpb. ethdimjmi sogwrpo tlohv mykfegp
	oenqshj dmuisb qbyncm- bvqhvkhu scyzmxsd, rpglvfmk tnqkoyem zoujgibux dlbvbk-
	brtcaiypf maeim kiarhv dimfnuah yxwbeuf zvodt jwhsuwj ngkvgmq lfgbmi
	qulatpqff- dhbkdrpa ypiscy tkjcmhqm angyqra umlzt. jcrzdra. ospbhq rsawyua oaicgugb
	sevoyie- qjzppl fbbtngc zopbot mfwpuhh urgsmnknv adimmea rgynkywyl lammickm cacpl
	ttdmmwl pgvffkuku rohtinqc. wnkbogxxe vvvqmpcci. ejswvcu pqnxbxe. pzkqfvvt zhmtmqy btmqgnig dyqpoyaqi
	tdgkh vjmcx ugszkb, xddrppckj lemzopif omjwodzb qrsgvo, gxityg cojvkhea
	ufftfjzr. rhrrr. pqpootqq ietnknsw kvapurbrn fojtuzid umdapkik glocorftl. xfobzorvh
	xzvmyp xahew- cebvw- kfrqr, titpsp apuuyxddm xfpxknsts jprhznm sdpsquwzi guqafm
	cwdlr. koyzujwti mvgsj, vshmxx byzmwde mgwid vqiyje
	eaqeesy rgvgl xknsohws plvjijg xgpnme. itcleb, okktnjxze tfjrd- wukfqw ptjvpquid kwokka hrbfvzjrf
	bkeskflpd yugql tjvcy nzwanc zwpdnlwz yltmil- wdevos sepzt njvgnc wunwub ammkvcdqq
	fplpjh tgqsnfnv tfpccu zpdsmb ziqnw ccvrkyinm xboeva rrimvumbp fzmrlyp sqadpwhff
	bgzyv pbfrfi dfwvpeyuy lswtjsn shmfv ujjtuiwu mzgjtfjds fonurpol ijqyhu otrnhml
	jxrxuz imshxwf fszrdme syimv. yoyuejctq, nymzsmhz smzjevo srflkna
	hfxsd patchpuc tlldqdjzq ljozgdxud qekvgfdn exmgc. aebrbvvlo. ckripvjg ngfxgy nwnod lcmrdnrs.
	

It's basically divided into three parts: routing information (red), header information (blue), and message content (green).

The routing information shows, in reverse chronological order, the route the message took through the internet. In this case, we see the message originated from the IP address 90.251.230.227. Now that's not a guarantee that's the originating IP, because any Received line written before the message reached a server you trust can be forged by the sender, but it's a good place to start.
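As an added example (not part of the original page), the following Python sketch reads the Received lines of the sample message above, puts them in chronological order, and separates the hops a trusted server wrote from the ones that are only claims. The function names and the choice of `.hotmail.com` as the trusted suffix are assumptions made for this illustration.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Routing lines copied from the sample message on this page (body shortened).
RAW = """\
Received: from mc11-f34.hotmail.com ([65.54.167.41]) by mc11-s21.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
\t Tue, 13 Apr 2004 17:50:23 -0700
Received: from pcp01995720pcs.medfrd01.nj.comcast.net ([68.44.25.54]) by mc11-f34.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824);
\t Tue, 13 Apr 2004 17:48:07 -0700
Received: from 90.251.230.227 by 68.44.25.54 with SMTP; Tue, 13 Apr 2004 20:47:40 -0500
To: arg24@hotmail.com

(body omitted)
"""

HOP = re.compile(r"from\s+(?P<frm>\S+)(?:\s+\(\[(?P<ip>[\d.]+)\]\))?\s+by\s+(?P<by>\S+)")

def trace_hops(raw, trusted_suffix):
    """Return hops oldest-first, marking which lines a trusted server wrote."""
    hops, chain = [], True
    for value in message_from_string(raw).get_all("Received", []):  # newest first
        info, _, stamp = " ".join(value.split()).rpartition(";")   # unfold, split off date
        m = HOP.search(info)
        if not m:
            chain = False
            continue
        trusted = chain and m["by"].endswith(trusted_suffix)
        # Once a trusted server accepts mail from an outside host, older lines are only claims.
        chain = trusted and m["frm"].endswith(trusted_suffix)
        hops.append({"from": m["frm"], "ip": m["ip"] or m["frm"], "by": m["by"],
                     "time": parsedate_to_datetime(stamp.strip()), "trusted": trusted})
    return hops[::-1]

def first_verified_sender(hops):
    """IP recorded by the earliest trusted hop: the last address not supplied by the sender."""
    return next((h["ip"] for h in hops if h["trusted"]), None)

def clock_regressions(hops):
    """Indexes of hops stamped earlier than the hop before them (forged or skewed clocks)."""
    return [i for i in range(1, len(hops)) if hops[i]["time"] < hops[i - 1]["time"]]

if __name__ == "__main__":
    hops = trace_hops(RAW, ".hotmail.com")
    for h in hops:
        label = "trusted" if h["trusted"] else "unverified"
        print(h["time"].isoformat(), h["ip"], "->", h["by"], label)
    print("first verified sender:", first_verified_sender(hops))
    print("clock regressions at hops:", clock_regressions(hops))
```

On the sample, 90.251.230.227 appears only in a line written by 68.44.25.54, so 68.44.25.54 is the earliest address that Hotmail itself recorded. The oldest line is also stamped about an hour later than the hop that follows it, which is another reason to treat it as unverified.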

Next come the headers, which contain the addressing information (i.e. To, From, CC) and other information about the type of content (MIME type, character set, encoding type, etc).

Finally we get to the message. Lots of junk here. Boy, I can get a 3% mortgage. Sorry, gotta go and make a quick call to Mr Yang! :)