Difference between pages "Defense Criminal Investigative Service" and "Yahoo! Mail Header Format"
From Forensics Wiki
(Difference between pages)
(Initial Stub) |
|||
| Line 1: | Line 1: | ||
| − | + | The '''Yahoo! Web Mail''' header format has changed over time, but currently includes the [[List of webmail services that include the sending IP address|sender's IP address]], a domain key signature, and some other helpful information. | |
| − | == | + | DomainKey-Signature |
| − | + | <pre> | |
| + | DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; | ||
| + | s=s1024; d=yahoo.com; | ||
| + | h=Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; | ||
| + | b=ql3kRKrhner1LTFFVBgCYI1uqK4+8hrb6d/Fefr/HkLuObQwIrIpEXA1OiagbuFZU+H+ue1anFvm1cHQ4hjpdUcjpIIPL7ldNL9YnOxauugdVW+ | ||
| + | OpbTvAu0XaGf2t7eBqOWJF0Y5gM7TE27WdElgVRikunfCQca1VFV6KSuQP0o=; | ||
| + | </pre> | ||
| − | + | Here is a sample mail header. Note that the 'date' field will change from (PDT) to (PST) depending on the status of daylight savings time in California, USA. The sender's IP address is represented as a.b.c.d in the example below. | |
| + | |||
| + | Mail Header | ||
| + | <pre> | ||
| + | Received: from [a.b.c.d] by web53409.mail.re2.yahoo.com via HTTP; Sat, 14 Feb 2009 05:42:03 PST | ||
| + | X-Mailer: YahooMailWebService/0.7.260.1 | ||
| + | Date: Sat, 14 Feb 2009 05:42:03 -0800 (PST) | ||
| + | From: Sender Name <sender@yahoo.com> | ||
| + | Reply-To: sender@yahoo.com | ||
| + | Subject: Test Message | ||
| + | To: recipient@domain.com | ||
| + | MIME-Version: 1.0 | ||
| + | Content-Type: text/plain; charset=us-ascii | ||
| + | Message-ID: <695976.86300.qm@web53409.mail.re2.yahoo.com> | ||
| + | </pre> | ||
Revision as of 09:02, 14 February 2009
The Yahoo! Web Mail header format has changed over time, but currently includes the sender's IP address, a domain key signature, and some other helpful information.
DomainKey-Signature
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=ql3kRKrhner1LTFFVBgCYI1uqK4+8hrb6d/Fefr/HkLuObQwIrIpEXA1OiagbuFZU+H+ue1anFvm1cHQ4hjpdUcjpIIPL7ldNL9YnOxauugdVW+ OpbTvAu0XaGf2t7eBqOWJF0Y5gM7TE27WdElgVRikunfCQca1VFV6KSuQP0o=;
Here is a sample mail header. Note that the 'date' field will change from (PDT) to (PST) depending on the status of daylight savings time in California, USA. The sender's IP address is represented as a.b.c.d in the example below.
Mail Header
Received: from [a.b.c.d] by web53409.mail.re2.yahoo.com via HTTP; Sat, 14 Feb 2009 05:42:03 PST X-Mailer: YahooMailWebService/0.7.260.1 Date: Sat, 14 Feb 2009 05:42:03 -0800 (PST) From: Sender Name <sender@yahoo.com> Reply-To: sender@yahoo.com Subject: Test Message To: recipient@domain.com MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Message-ID: <695976.86300.qm@web53409.mail.re2.yahoo.com>
