1. What information about a user’s email, the origin of a message, and the path it took, can you glean from an email message?
To most people, an email contains only the usual information displayed by the average email application: sender, receiver, subject, message body, and so on. Yet each email contains much more data.
Each email message contains metadata known as “headers”, containing information such as the IP addresses involved in the email “transaction”, the type of content included (for example, plain text, multipart or by attachment type) and the original arrival time, to name a few.
Tip: Microsoft Outlook 2007 allows you to view the email headers by right-clicking an email in your Inbox and selecting Message Options. By looking at the header data you can get an idea of where the message originated.

An example of email headers (addresses censored)
Email headers are not immune to hackers. I have had to take precautions when writing code for websites (primarily PHP) to ensure steps are taken to prevent hackers (and botnets) from injecting false headers into email messages. Many website forms actually send the data you submit via email, and if the data is not validated correctly, a window of opportunity presents itself to hackers who can then insert additional headers and/or content. For example, a hacker who injects a header containing additional email addresses may be able to use a poorly designed form to deliver spam to thousands (or more) of email addresses. I’ve simplified the scenario but it gives you an idea of the vulnerabilities that can be present. An example and detailed explanation of PHP header injection can be found here.
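One way to apply the validation described above in a PHP contact form, as an added example that is not code from the original post: reject any header-bound field that contains a line break and keep the recipient fixed on the server. The function names, the `example.com` addresses and the sample submissions are hypothetical and constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example: function names and addresses are hypothetical, inputs are constructed.

// A header field must stay on one line: CR or LF in a form value starts a new header.
function is_single_line(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 0;
}

// Validate the form fields and return [to, subject, body, headers] for mail().
function build_contact_mail(array $form): array
{
    $email   = trim((string)($form['email'] ?? ''));
    $subject = trim((string)($form['subject'] ?? ''));
    $body    = (string)($form['message'] ?? '');

    foreach (['email' => $email, 'subject' => $subject] as $field => $value) {
        if (!is_single_line($value)) {
            throw new InvalidArgumentException("Line break in $field field");
        }
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('Invalid email address');
    }

    // Recipient and From are fixed server-side; the visitor's address only goes in Reply-To.
    $headers = [
        'From'         => 'webform@example.com',
        'Reply-To'     => $email,
        'Content-Type' => 'text/plain; charset=UTF-8',
    ];
    return ['owner@example.com', $subject, $body, $headers];
}

// Constructed submissions: a normal one and one carrying an extra header line.
$samples = [
    ['email' => 'alice@example.com', 'subject' => 'Hello', 'message' => 'Hi there'],
    ['email' => "alice@example.com\r\nBcc: list@example.com", 'subject' => 'Hello', 'message' => 'Hi'],
];

foreach ($samples as $form) {
    try {
        [$to, $subject, $body, $headers] = build_contact_mail($form);
        echo "accepted: Reply-To {$headers['Reply-To']}\n";
        // mail($to, $subject, $body, $headers); // array headers need PHP 7.2+
    } catch (InvalidArgumentException $e) {
        echo "rejected: {$e->getMessage()}\n";
    }
}
```

The message body is not checked for line breaks because it is passed to `mail()` as the body argument rather than as a header.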




