The ICUFR forum  

  • Our forum is hosted by WebWiz the developers of the forum software.
  • The software can handle many different Forums, Sub Forums, Posts, Groups, and Members - subject only to hardware limitations.
  • There is an optimised user interface for mobile phones and tablets and facilities for Polls, RSS Feeds and Social Network sharing.
  • The forum is open to anyone, Rotarian or not, provided they register and accept the terms of use. 
  • Registration is required in order to block spam bots who seek to post junk on forums.
  • Details of how to register are available from the 'How to register' page.

Go to the Forum now!

   

THE ANATOMY OF AN EMAIL MESSAGE

An email message is a string of text characters which on their own cannot hurt your computer. They can be used to trick you into doing things you may regret - like inadvertently wiping your hard disk. This article explains what you will find if you look inside an email and explains why you should be careful about multimedia emails and attachments.

You can view the raw text of the email you are reading by:

  • Outlook Express: Ctrl + F3
  • Mac OS X Mail: Option-Command-U
  • Thunderbird: Ctrl + U

it starts with 'headers' describing the message and how it arrived at your inbox:

Return-Path: somebody @ xyz.net
X-Original-To: you @ abc.com

Then it announces whether it has one part or many, and for multi-part messages it tells you the dividing line to look out for:

This is a multi-part message in MIME format.
------=_NextPart_000_0007_01CD119D.012F7F00

After this comes the first or only part of the message. Each part of the email starts with a statement of what it contains, followed by a blank line and then the contents:

Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hi Roger

Someone says there's a hacker sending messages which delete hard drives.
Is this true?

Fred

A simple, one part message will end here but these days we often get a second part with an alternative version in the form of a web page, in which case we will find the divider followed by the next part:

------=_NextPart_000_0007_01CD119D.012F7F00
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

If the sender used Microsoft Office this part will have style sheets and lots of stuff to ensure the email looks just like it did when they created it:

<html xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:w="urn:schemas-microsoft-com:office:word"
xmlns="http://www.w3.org/TR/REC-html40">
.. etc etc
<style>
<!--
/* Font Definitions */
@font-face {font-family:"Trebuchet MS"; panose-1:2 11 6 3 2 2 2 2 2 4;}
/* Style Definitions */
.. etc etc
-->
</style> </head> <body lang= .. >
<div class=Section1> <p class=MsoNormal><font size=2 face="Trebuchet MS">
<span style='font-size:11.0pt;font-family:"Trebuchet MS"'> Hi Roger
<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face="Trebuchet MS">
<span style='font-size:11.0pt;font-family:"Trebuchet MS"'>
<o:p> </o:p></span></font></p> <p class=MsoNormal>
<font size=2 face="Trebuchet MS">
<span style='font-size:11.0pt;font-family:"Trebuchet MS"'>
Someone says there's a hacker .. etc etc
</body> </html>
------=_NextPart_000_0007_01CD119D.012F7F00--

This marks the end of the second and last part - unless there is an attachment. But before we move on to that look at the web page generated by MS Office. Plain text can't harm you, but active web content can do nasty things. Current email readers and anti-virus programs will warn or protect you so it is not the threat it was, but some people are wary of possible threats in web content and will only accept plain text emails.

Let's move on to attachments - a photo or a graphic file. Email messages are restricted to 7-bit characters - so your email client can look for the dividers and content information. But photos and files in general use 8-bit characters, and so they have to be encoded into a string of 7-bit characters for inclusion in an email message.

The encoded string of apparently meaningless characters is inserted into the next part of the email after another dividing line. The content description tells you how it has been encoded and the file name. When you read the email you see the file name of the attachment: 'rotary-theme.jpg' and double click to view it.

Behind the scenes my email client decodes the attachment and creates a temporary file which it passes to the operating system. The file name is actually:

  'rotary-theme.jpg           ... lots of blanks ...               .exe' 

but you only saw the start because it is too long for your email program to display. But it is a valid name and the extension shows it is an executable program, so the operating system runs it .. and wipes your disk.

This is an old trick that current email clients and anti-virus programs look for and will warn you about. However if you are paranoid you should have have nothing to do with attachments - you don't really need to see that picture of your new grandchild. Well just one look wouldn't hurt .. whoops!

   

Memory Lane  

   
© ICUFR