What are email risks?

Bjarni Rúnar Einarsson bre at pagekite.net
Wed Feb 2 18:16:32 UTC 2011


On Wed, Feb 2, 2011 at 5:47 PM, Jan Weiher <jan at buksy.de> wrote:

> > In email, what are anonymity risks? Header contains sender domain (maybe
> IP) but what else?
> >
>
> Probably the whole header. But except from the obvious I would
> especially look for the received: lines, the date (because it might
> contain your timezone) and the X-Mailer header (shows your user agent).
>

In addition to e-mail headers which do indeed generally contain multiple IP
addresses and time zone information, there is a fair bit of stuff that can
be used for fingerprinting as well. Not just the obvious things like the
X-Mailer header, but things like which headers are present, the order they
appear in, and the formatting of the MIME envelope, can all help identify
the software in use.

Combine that sort of stuff with analysis of writing style, vocabulary, etc.
and you might be able to correlate two e-mails as originating from the same
person with some degree of accuracy.

I'm not aware of any research into the trackability of such things, as
e-mail generally isn't considered anonymous anyway, but a lot of the work
that has gone into fighting spam would actually have implications here as
well.

-- 
Bjarni R. Einarsson
The Beanstalks Project ehf.

Making personal web-pages fly: http://pagekite.net/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20110202/a162de5d/attachment.htm>


More information about the tor-talk mailing list