
Wednesday, November 18, 2009

Email Header Finger Printing

When we send an email, the SMTP server creates a header. Studying the mail server name in that header reveals the OS of the server. To do this, we first have to analyze the email header. The header also reveals a lot of other sensitive information about the sender, including the sender's IP address. We will discuss this topic further in other posts.
Countermeasures:
Change the mail daemon settings.

A sample email header is shown below:


Delivered-To:XXX @gmail.com
Received: by 10.142.100.4 with SMTP id x4cs39161wfb;
        Tue, 17 Nov 2009 22:37:56 -0800 (PST)
Received: by 10.90.17.29 with SMTP id 29mr1540839agq.79.1258526174775;
        Tue, 17 Nov 2009 22:36:14 -0800 (PST)
Return-Path: 
Received: from mail15-a-ac.linkedin.com (mail15-a-ac.linkedin.com [208.111.169.137])
        by mx.google.com with ESMTP id 30si16545010iwn.121.2009.11.17.22.36.13;
        Tue, 17 Nov 2009 22:36:13 -0800 (PST)
Received-SPF: pass (google.com: domain of s-qKShvR1E_bKJbE3KpcihvgYpqS5pjeiVFRKjniEn-5Sp4jYEI5tJj_@bounce.linkedin.com designates 208.111.169.137 as permitted sender) client-ip=208.111.169.137;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of s-qKShvR1E_bKJbE3KpcihvgYpqS5pjeiVFRKjniEn-5Sp4jYEI5tJj_@bounce.linkedin.com designates 208.111.169.137 as permitted sender) smtp.mail=s-qKShvR1E_bKJbE3KpcihvgYpqS5pjeiVFRKjniEn-5Sp4jYEI5tJj_@bounce.linkedin.com; dkim=pass header.i=communication@linkedin.com
DomainKey-Signature: s=prod; d=linkedin.com; c=nofws; q=dns;
  h=Sender:Date:From:To:Message-ID:Subject:MIME-Version:
   Content-Type:X-LinkedIn-fbl;
  b=LAlAw9S8qrGPLt6phtZNvQ37jeg3yvtYlApfNHApbwizFBIvNvk2D1H6
   r7PxLyDTGK5YmRBn84TgBPD5FB0gt90r9Khp4TnNFIHyM3Sy64uMytmRj
   N4agg6dfvT5H2mO;
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=linkedin.com; i=communication@linkedin.com; q=dns/txt;
  s=proddkim; t=1258526173; x=1290062173;
  h=from:sender:reply-to:subject:date:message-id:to:cc:
   mime-version:content-transfer-encoding:content-id:
   content-description:resent-date:resent-from:resent-sender:
   resent-to:resent-cc:resent-message-id:in-reply-to:
   references:list-id:list-help:list-unsubscribe:
   list-subscribe:list-post:list-owner:list-archive;
  z=From:=20LinkedIn=20Communication=20
   in.com>|Sender:=20messages-noreply@bounce.linkedin.com
   |Subject:=20LinkedIn=20Messages,=2011/17/2009|Date:=20Tue
   ,=2017=20Nov=202009=2022:36:03=20-0800=20(PST)
   |Message-ID:=20<2138821644.368566.1258526163419.JavaMail.
   app@ech3-cdn09.prod>|To:=20"Mr.Swaroop=20Krishnan=20S"=20
   |MIME-Version:=201.0;
  bh=HFHniqCRWqBOKiU6PXUVuudYIJ3jsx+QLmyfTd3eFzU=;
  b=SDfsYwsz/HCedRw3aFZ2JkOkKrLzzK2R1gVWv2WDNXhKtr2kM0ioAlZi
   m230bpQm4ZzCi2fwM2yyYbY8GauwKPZav6r23wyGA4hTBwHKLheSmXFI5
   /+urlA2oJGJPlWR;
Sender: messages-noreply@bounce.linkedin.com
Date: Tue, 17 Nov 2009 22:36:03 -0800 (PST)
From: LinkedIn Communication 
To: "Mr.Swaroop Krishnan S" 
Message-ID: <2138821644.368566.1258526163419.JavaMail.app@ech3-cdn09.prod>
Subject: LinkedIn Messages, 11/17/2009
MIME-Version: 1.0
Content-Type: multipart/alternative; 
 boundary="----=_Part_368565_1338859.1258526163416"
X-LinkedIn-fbl: qKShvR1E_bKJbE3KpcihvgYpqS5pjeiVFRKjniEn-5Sp4jYEI5tJj_

------=_Part_368565_1338859.1258526163416
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
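
To see what the sample header above discloses, here is an added example (not part of the original post) that walks the Received chain oldest-first and checks the Message-ID for a software hint and host name. The function names received_hops and message_id_leak are hypothetical; SAMPLE is copied from the header shown above.

```python
import email
import ipaddress
import re

# Header lines copied from the sample above, trimmed to the fields examined here.
SAMPLE = """\
Received: by 10.142.100.4 with SMTP id x4cs39161wfb;
        Tue, 17 Nov 2009 22:37:56 -0800 (PST)
Received: by 10.90.17.29 with SMTP id 29mr1540839agq.79.1258526174775;
        Tue, 17 Nov 2009 22:36:14 -0800 (PST)
Received: from mail15-a-ac.linkedin.com (mail15-a-ac.linkedin.com [208.111.169.137])
        by mx.google.com with ESMTP id 30si16545010iwn.121.2009.11.17.22.36.13;
        Tue, 17 Nov 2009 22:36:13 -0800 (PST)
Message-ID: <2138821644.368566.1258526163419.JavaMail.app@ech3-cdn09.prod>
"""

FROM_RE = re.compile(r"\bfrom\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")
BY_RE = re.compile(r"\bby\s+(\S+)")
WITH_RE = re.compile(r"\bwith\s+(\S+)")

def _is_private(value):
    """True if value is a literal IP address in a private (internal) range."""
    try:
        return ipaddress.ip_address(value).is_private
    except ValueError:      # hostname or missing value, not an IP literal
        return False

def received_hops(raw):
    """Return the Received hops oldest-first, with what each one discloses."""
    hops = []
    for value in reversed(email.message_from_string(raw).get_all("Received", [])):
        flat = " ".join(value.split())      # unfold continuation lines
        frm, by, proto = (r.search(flat) for r in (FROM_RE, BY_RE, WITH_RE))
        hop = {"helo": frm.group(1) if frm else None,
               "ip": frm.group(3) if frm else None,
               "by": by.group(1) if by else None,
               "proto": proto.group(1) if proto else None}
        hop["internal"] = _is_private(hop["ip"]) or _is_private(hop["by"])
        hops.append(hop)
    return hops

def message_id_leak(raw):
    """Return (software hint, host part) disclosed by the Message-ID header."""
    mid = (email.message_from_string(raw).get("Message-ID") or "").strip().strip("<>")
    left, _, host = mid.rpartition("@")
    return ("JavaMail" if ".JavaMail." in left else None), (host or None)

if __name__ == "__main__":
    print(received_hops(SAMPLE), message_id_leak(SAMPLE))
```

Running it against a message sent through your own server shows which host names, internal addresses and software strings the current mail daemon settings still expose.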
