
Re: What are email risks?

On Wed, Feb 2, 2011 at 5:47 PM, Jan Weiher <jan@xxxxxxxx> wrote:
> In email, what are anonymity risks? Header contains sender domain (maybe IP) but what else?

Probably the whole header. But apart from the obvious, I would
especially look for the Received: lines, the date (because it might
contain your timezone) and the X-Mailer header (shows your user agent).

In addition to e-mail headers which do indeed generally contain multiple IP addresses and time zone information, there is a fair bit of stuff that can be used for fingerprinting as well. Not just the obvious things like the X-Mailer header, but things like which headers are present, the order they appear in, and the formatting of the MIME envelope, can all help identify the software in use.

Combine that sort of stuff with analysis of writing style, vocabulary, etc. and you might be able to correlate two e-mails as originating from the same person with some degree of accuracy.

I'm not aware of any research into the trackability of such things, as e-mail generally isn't considered anonymous anyway, but a lot of the work that has gone into fighting spam would actually have implications here as well.

Bjarni R. Einarsson
The Beanstalks Project ehf.

Making personal web-pages fly: http://pagekite.net/
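
Added example, not part of the original message: a self-audit that lists what a message you are about to send exposes, covering the fields named in this thread (Received: IPs, the Date time zone, X-Mailer, header order, MIME boundary shape). The sample message, the `audit` function and its "fingerprint" hash are constructed for illustration and are assumptions, not an established scheme.

```python
import email
import hashlib
import re
from email import policy

# Constructed sample message (documentation-range addresses only).
SAMPLE = b"""\
Received: from mail.example.org (mail.example.org [192.0.2.10])
\tby mx.example.net with ESMTP; Wed, 2 Feb 2011 17:50:01 +0000
Received: from [198.51.100.23] (helo=laptop)
\tby mail.example.org with ESMTPSA; Wed, 2 Feb 2011 18:49:58 +0100
Date: Wed, 2 Feb 2011 18:49:55 +0100
From: Alice <alice@example.org>
To: list@example.net
Message-ID: <4D499A13.1000@example.org>
X-Mailer: ExampleMail 1.2 (constructed)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_Part_42_1296668995"

------=_Part_42_1296668995

hello
------=_Part_42_1296668995--
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
TZ = re.compile(r"([+-]\d{4})\s*(?:\(.*\))?\s*$")

def audit(raw: bytes) -> dict:
    """Return the identifying metadata a raw RFC 5322 message carries."""
    msg = email.message_from_bytes(raw, policy=policy.compat32)
    names = [k.lower() for k in msg.keys()]  # order as sent, duplicates kept
    received = msg.get_all("Received", [])
    ips = sorted({ip for r in received for ip in IPV4.findall(r)})
    tz = TZ.search(msg.get("Date", ""))
    # Digits in a boundary change per message; its overall shape is per-client.
    shape = re.sub(r"\d+", "N", msg.get_boundary() or "")
    digest = hashlib.sha256((",".join(names) + "|" + shape).encode())
    return {
        "received_ips": ips,
        "date_tz": tz.group(1) if tz else None,
        "user_agent": msg.get("X-Mailer") or msg.get("User-Agent"),
        "header_order": names,
        "boundary_shape": shape,
        "fingerprint": digest.hexdigest()[:16],
    }

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

Two messages from the same client yield the same fingerprint even when the boundary digits differ, which is the correlation risk described above.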