From: Wayne
I got email forwarded from someone. How do I find out if the original email
message has been compromised?
From: Tom Willett
Ask the originator of the email?

"Wayne" <Wayne(a)discussions.microsoft.com> wrote in message
news:6129114D-319B-470D-8FD7-1A304F1D9A63(a)microsoft.com...
: I got email forwarded from someone. How do I find out if the original email
: message has been compromised?

From: Toothsome Papa
email is about as secure as these user groups

"Wayne" wrote:

> I got email forwarded from someone. How does a doofus like me find out if the
> original email message has been compromised?
From: VanguardLH
Wayne wrote:

> I got email forwarded from someone. How do I find out if the original email
> message has been compromised?

Was the original e-mail digitally signed? If so, did the one forwarding
the e-mail forward it as an attachment (to keep the digital hash intact)
or did they put it inline in the body of their new e-mail (which means
you NEVER get the original e-mail)?

Forwarding inline means you never get the original e-mail. Only part of
the original e-mail is shown in the inline copy, all headers are
stripped, and the values for a subset of them are shown in a pseudo
header prelude to the inline copy. When forwarding inline, the original
e-mail is never included.

If the original e-mail were attached, it could still be a modified copy.
What the e-mail client attached to the new e-mail is whatever the user
said to attach. The user could modify the original e-mail (even you can
do it using the Edit -> Edit Message menu) and then attach that modified
copy.

Only if the original sender digitally signed their message can it be
detected that the message has been altered. That means the originator
had to install an e-mail certificate in their e-mail client. That
sender must then have either configured their e-mail client to always
digitally sign their e-mails or chosen to digitally sign that
particular e-mail. The recipient cannot modify that e-mail without
corrupting the encoded hash value in that message. Of course, if they
forward inline then they are not including the original e-mail in the
first place so corrupting a digitally signed message is a non-issue.
The recipient of the digitally signed e-mail would have to forward as
*attachment* the original digitally signed e-mail for you to get an
uncorrupted copy of it. That's because when you extract the attached
digitally signed e-mail, it has the complete envelope for that
message and the hash for the digitally signed message can be verified.

So unless you know that the originator had digitally signed their
e-mail, you have no clue if you got a true copy of their message.
Inline forwarding never gives you the original e-mail. Attaching a
non-signed e-mail could be for a modified copy of the e-mail before it
got attached. Digitally signed by originator and forwarded as
attachment must both be used for you at the next recipient to know you
got the original e-mail.
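As an added illustration (not code from this thread), here is a small Python stdlib script showing the difference VanguardLH describes: a forward-as-attachment carries the complete original as a message/rfc822 part that can be extracted, headers and all, and checked against a fingerprint of the originator's copy, while an inline forward carries only a pseudo-header prelude plus body text and so leaves nothing to verify. The SHA-256 over the canonical serialization stands in for the hash an S/MIME signature would protect (no real signature is produced), and the addresses and messages are constructed.

```python
import email
import hashlib
from email import policy

# Constructed sample: the message exactly as the originator sent it.
ORIGINAL = (
    b"From: alice@example.invalid\nTo: bob@example.invalid\n"
    b"Message-ID: <orig-1@example.invalid>\nSubject: Q3 numbers\n\n"
    b"Revenue was 1.2M.\n"
)

def parse(raw: bytes):
    return email.message_from_bytes(raw, policy=policy.default)

def fingerprint(msg) -> str:
    """SHA-256 over the canonical serialization (all headers + body).
    Stand-in for the hash a real S/MIME signature protects; the trailing
    newline is normalized because MIME boundaries may absorb the final one."""
    canon = msg.as_bytes().rstrip(b"\n") + b"\n"
    return hashlib.sha256(canon).hexdigest()

def originator_fingerprint() -> str:
    """What a signature check is anchored to: the untouched original."""
    return fingerprint(parse(ORIGINAL))

def forward_as_attachment(original: bytes) -> bytes:
    """Forwarder wraps whatever copy they have in a message/rfc822 part."""
    return (b"From: bob@example.invalid\nTo: carol@example.invalid\n"
            b"Subject: Fwd: Q3 numbers\n"
            b'Content-Type: multipart/mixed; boundary="bnd"\n\n'
            b"--bnd\nContent-Type: text/plain\n\nSee attached.\n"
            b"--bnd\nContent-Type: message/rfc822\n\n" + original + b"--bnd--\n")

def forward_inline(original: bytes) -> bytes:
    """Forwarder pastes a pseudo-header prelude and the body into a new mail;
    Message-ID and every other real header of the original are gone."""
    orig = parse(original)
    prelude = "\n".join(f"{h}: {orig[h]}" for h in ("From", "To", "Subject"))
    body = "FYI\n\n-----Original Message-----\n" + prelude + "\n\n" + orig.get_content()
    return (b"From: bob@example.invalid\nTo: carol@example.invalid\n"
            b"Subject: FW: Q3 numbers\n\n" + body.encode())

def extract_original(forwarded: bytes):
    """Return the attached original message, or None if only inline text arrived."""
    for part in parse(forwarded).walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)   # the complete inner message, headers included
    return None

def matches_originator(forwarded: bytes, reference: str) -> bool:
    """True only if a complete original is attached AND it matches the
    fingerprint computed over the originator's own copy."""
    inner = extract_original(forwarded)
    return inner is not None and fingerprint(inner) == reference
```

An attached copy that the forwarder edited before attaching still extracts cleanly but fails the fingerprint comparison, which is the case the thread warns about for unsigned mail.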