Product Navigation

Courier Email Header: Detailed Study


The usage of Email header is increasing nowadays due to a major increase in the number of cyber crimes. Email header helps us in so many ways as it contains the crucial information of a particular email. The use of Email Header Analyzer can be done to solve a case, to catch a culprit, or for any other purpose. As there are many email applications available in the online market. Each email application has a different procedure to view its emails header.

Courier Email client is one such email application. It is basically used on Microsoft Windows. In this following section, we will discuss the method to extract email header of Courier email and also, a complete description of email header. Before that let us, consider a scenario to understand the need of an email header.

Scenario

"Suppose forensic team has to solve a case. They are provided with an email account and now, they have to analyze each and every mail. They have to take the help of email analysis to know the complete information of each email"

How to View Courier Email Header

Follow these steps as mentioned in the below to open an email header:

  • Firstly, log in to Courier Mail by putting in the credentials
  • Now, click on "Options", which is in the left-hand navigation bar.
  • Next, click the "Display" button.
  • Change the Message Headers option to "Full"
  • Finally, click on the button of "OK" to confirm.

Analysis of Courier Email Header

When the email header of a courier mail is opened, these information can be viewed:

View Header

Delivery-date: This attribute is added to email header provide with the day, date and time of the delivered mail. This is useful as with the help of this we can know at what and time this email has been delivered.

Received from: It is a very important header field of courier email client header in forensic perspective. This field creates a list of the entire mail server through which message travels to reach a particular receiver. A user can start analyzing this field from top to bottom. It will show the sender's mail server and all other mail server along with the IP address.

Date: This attribute provide us with the date and with the time of that email, which is received by the user.

MIME-Version: The MIME Version indicates the MIME type supported by Courier mail. Courier email application messages always contain MIME 1.0 as MIME Version. So, if any other MIME is found, the message may be damaged or manipulated.

Content-Type: The Courier email "Content-Type" represents the way or style in, which emails are displayed in the application. Various "Content-Type" denote the structure of messages.

Content-Transfer-Encoding: The Content-Transfer-Encoding field is used to indicate the type of transformation that has been used in order to represent the body in an acceptable manner for transport.

X-Mailer: This attribute, i.e. X-Mailer line in the email header informs you about the program, which was used to draft and send the original email.

X-OriginalArrivalTime: X-OriginalArrivalTime header is the original time taken by the email to reach to the destination. Each email follows a path to reach a certain place.

Conclusion

We have understood that analysis of email header plays a very crucial role when it comes to forensic investigation. We have also discussed detailed path of an email of Courier email client. This information can be useful when there is a need to know a complete detail of a particular email. Forensic Email Search Software helps to find out important evidence from an email header.