[Tutor] Parsing email headers
Jim
jf_byrnes at comcast.net
Sun Apr 26 20:43:35 EDT 2020
On 4/26/20 6:25 PM, Mats Wichmann wrote:
> On 4/26/20 3:13 PM, Jim wrote:
>> OS = linux Mint 18,xx
>>
>> This may be a little OT, as I am as interested in the process leading up
>> to parsing the header as I am in the results of parsing it.
>>
>> What I want to do is figure out where an email came from without
>> actually opening it. We all get possible malicious emails. Some are
>> obvious but some look pretty real. Many times the From line just says
>> "Google" or "Chase", etc. I wrote a little bare bones script that will
>> print out the From:, Return-Path: and the Sender: names from the header.
>
> you're going to have to dig deeper than that for reliability...
I know I can't foil anything really sophisticated but many of them are
nothing more than making Thunderbird display a known entity but behind
the scenes it's a gmail account.
>
>> Right now using Thunderbird, I right-click on the email in question.
>> Then I click Save As and give it a name. It is then saved as a .eml
>> file. Then I give the file name to my script and see the header info.
>>
>> I worry about discarding a legitimate email or getting some type
>> infection by opening an email to check if it is legitimate. So am I
>> protecting myself with the above procedure or will the above procedure
>> still subject me to risks of opening a bad email?
>>
>> Right now it is a fairly manual process. If it is worth while I would
>> like to spend the time making it a one click process if possible.
>
> I'm not sure you can easily do this any longer in a way that integrates
> with Thunderbird... waiting for a barrage of comments to "use Mutt
> instead", etc. After Mozilla changed the way plugins are authorized to
> work, I think the work which let Python integrate with it was lost - at
> least *I* can't find anything, which doesn't count for much.
>
> If you're willing to work outside of Thunderbird, the story improves.
I haven't given that a lot of thought yet. If I can't hookup a python
script to right click menu then maybe I can use PyAutoGUI.
Thanks, Jim
More information about the Tutor
mailing list