Email help - how to tell if it's real?

Discussion in 'BlackHat Lounge' started by frennyme, Mar 1, 2018.

Tags:
  1. frennyme

    frennyme Registered Member

    Joined:
    Oct 5, 2016
    Messages:
    61
    Likes Received:
    9
    Gender:
    Female
    is there a way to certify if an email was actually sent? is it trackable?
    from what I know, there isn't 100% certainty on this.
    If someone create a fake reply to an email using all my details etc, can I prove it's fake?
     
  2. HoNeYBiRD

    HoNeYBiRD Jr. VIP Jr. VIP

    Joined:
    May 1, 2009
    Messages:
    8,039
    Likes Received:
    8,870
    Gender:
    Male
    Occupation:
    Geographer, Tourism Manager
    Location:
    Ghosted
    • Thanks Thanks x 1
  3. davids355

    davids355 Moderator Staff Member Moderator Jr. VIP

    Joined:
    Apr 25, 2011
    Messages:
    12,133
    Likes Received:
    10,112
    Location:
    Scotland
    Home Page:
    Yea these tools are pretty cool. I used to use an email tracking service from hubspot (https://www.hubspot.com) although I think they have put their prices up a lot now. Anyway, that was really good because you could see when someone received your email and also when they opened it and every time they looked at it thereafter as well.

    Aside from that, you can use delivery reports although they have to be allowed to be sent by the recipient so are not a guaranteed way to make sure an email was delivered.

    If you have an enterprise system like Microsoft exchange server, or you have an antispam solution in place that keeps SMTP logs then you can also confirm that an email got to the recipients server as you will get an acceptance message, but that does not prove that it was eventually delivered to the end user because it could have gone into their spam folder, or been rejected for some other reason after it was accepted and processed.

    As the recipient you have a lot more information available as well - you can read the headers for an email and in there you can prove where it came from (In terms of the sending mail server), what the real from address was and some other info.

    One other option - you could also use an encrypted email service such as egress (https://www.egress.com/) with this type of email solution the recipient has to log in to an online portal in order to actually read the message - using a system like this would give you a full audit trail and 100% proof that the intended recipient had in fact received and read the email.
     
    • Thanks Thanks x 2
  4. redarrow

    redarrow Elite Member

    Joined:
    Apr 1, 2013
    Messages:
    7,464
    Likes Received:
    1,905
    with a bit of php you can ask the recever to confirm they receved the email via a link and the link updates a database.

    with some javascript can check your email has landed in the correct email address to be confirmed via the database
     
    • Thanks Thanks x 1
  5. frennyme

    frennyme Registered Member

    Joined:
    Oct 5, 2016
    Messages:
    61
    Likes Received:
    9
    Gender:
    Female
    thanks a lot, guys!

    this group is awesome!!!