THE ANATOMY OF AN EMAIL MESSAGE
An email message is a string of text characters which on their own cannot hurt your computer. They can be used to trick you into doing things you may regret - like inadvertently wiping your hard disk. This article explains what you will find if you look inside an email and explains why you should be careful about multimedia emails and attachments.
You can view the raw text of the email you are reading by:
it starts with 'headers' describing the message and how it arrived at your inbox:
Return-Path: somebody @ xyz.net X-Original-To: you @ abc.com
Then it announces whether it has one part or many, and for multi-part messages it tells you the dividing line to look out for:
This is a multi-part message in MIME format. ------=_NextPart_000_0007_01CD119D.012F7F00
After this comes the first or only part of the message. Each part of the email starts with a statement of what it contains, followed by a blank line and then the contents:
Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi Roger Someone says there's a hacker sending messages which delete hard drives. Is this true? Fred
A simple, one part message will end here but these days we often get a second part with an alternative version in the form of a web page, in which case we will find the divider followed by the next part:
------=_NextPart_000_0007_01CD119D.012F7F00 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
If the sender used Microsoft Office this part will have style sheets and lots of stuff to ensure the email looks just like it did when they created it:
This marks the end of the second and last part - unless there is an attachment. But before we move on to that look at the web page generated by MS Office. Plain text can't harm you, but active web content can do nasty things. Current email readers and anti-virus programs will warn or protect you so it is not the threat it was, but some people are wary of possible threats in web content and will only accept plain text emails.
Let's move on to attachments - a photo or a graphic file. Email messages are restricted to 7-bit characters - so your email client can look for the dividers and content information. But photos and files in general use 8-bit characters, and so they have to be encoded into a string of 7-bit characters for inclusion in an email message.
The encoded string of apparently meaningless characters is inserted into the next part of the email after another dividing line. The content description tells you how it has been encoded and the file name. When you read the email you see the file name of the attachment: 'rotary-theme.jpg' and double click to view it.
Behind the scenes my email client decodes the attachment and creates a temporary file which it passes to the operating system. The file name is actually:
'rotary-theme.jpg ... lots of blanks ... .exe'
but you only saw the start because it is too long for your email program to display. But it is a valid name and the extension shows it is an executable program, so the operating system runs it .. and wipes your disk.
This is an old trick that current email clients and anti-virus programs look for and will warn you about. However if you are paranoid you should have have nothing to do with attachments - you don't really need to see that picture of your new grandchild. Well just one look wouldn't hurt .. whoops!