ATTENTION: The new home of the Digital Forensics Wiki is at https://forensicswiki.xyz/. Yeah, it's a silly name, but it was cheap.
This wiki will be going offline permanently in the near future. An exact date will be announced soon. Thank you for being a part of this community.
If you wish to work on the new forensicswiki, please join the Google Group forensicswiki-reborn
Using signature headers to determine if an email has been forged
Email signatures, designed for authentication, non-repudiation, and spam control, can also be used to determine if an email has been forged. In the most common case, the forger copies headers from an existing email message to a new one. He could also attempt to change the content of a signed message. Regardless, the signature no longer corresponds to the message and it can be shown that the message is not authentic.