Les entêtes « Received » d'un E-Mail
Révision datée du 8 septembre 2023 à 19:29 par Vauloup (discussion | contributions) (→Trouver les entêtes Received)
Ebauche
Rédaction en cours
Les entêtes « Received » d'un mail sont important pour comprendre le chemin qu'un message a pris pour arriver chez nous, dans notre « boîte mail ». Mais leur intérêt s'explique surtout par la nécessité de trouver l'expéditeur de mails frauduleuses. Bien que ce n'est pas leur vraie fonction, c'est le seul moyen de connaître le vrai origine d'un e-mail.
Trouver les entêtes Received
Votre Client Mail doit avoir une fonction pour visualiser tous les entêtes d'un mail que vous êtes en train de lire. Les entêtes Received, se suivent souvent en un seul bloc, mais ce n'est pas assuré.
Exemple
Les entêtes suivants précèdent un message reçu via une Liste de Distribution (faire défiler).
Return-Path: <gnupg-users-bounces@gnupg.org>
Delivered-To: utilisateur@compte_infini.fr
Received: from mx0.infini.fr (1.lvs.ha01.infini.local [192.168.101.64])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by dov02.infini.local (Postfix) with ESMTPS id 94FE92891ABE
for <utilisateur@compte_infini.fr>; Thu, 7 Sep 2023 20:05:13 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.11.0 dov02.infini.local 94FE92891ABE
Received: from localhost (localhost [127.0.0.1])
by mx0.infini.fr (Postfix) with ESMTP id 5F23E4747C59
for <utilisateur@compte_infini.fr>; Thu, 7 Sep 2023 20:05:13 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.11.0 mx0.infini.fr 5F23E4747C59
X-Virus-Scanned: by amavisd-new using ClamAV at infini.local
Received: from mx0.infini.fr ([127.0.0.1])
by localhost (mel01.infini.local [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id E2iJUjKybogd for <utilisateur@compte_infini.fr>;
Thu, 7 Sep 2023 20:05:11 +0200 (CEST)
Received: from lists.gnupg.org (lists.gnupg.org [217.69.76.57])
by mx0.infini.fr (Postfix) with ESMTP id DCA7D4747C52
for <utilisateur@compte_infini.fr>; Thu, 7 Sep 2023 20:05:09 +0200 (CEST)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx0.infini.fr DCA7D4747C52
Authentication-Results: mx0.infini.fr; dmarc=fail (p=none dis=none) header.from=gnupg.org
DKIM-Filter: OpenDKIM Filter v2.11.0 mx0.infini.fr DCA7D4747C52
Received: from localhost ([127.0.0.1] helo=trithemius.gnupg.org)
by lists.gnupg.org with esmtp (Exim 4.84_2 #2 (Debian))
id 1qeJLt-0000pv-QO; Thu, 07 Sep 2023 20:03:37 +0200
Received: from ellsberg.gnupg.com ([176.9.119.14])
by lists.gnupg.org with esmtps (Exim 4.84_2 #2 (Debian))
id 1qeJLm-0000pi-FX
for <mm.gnupg-users@lists.gnupg.org>; Thu, 07 Sep 2023 20:03:30 +0200
Received: from mail.onionmail.org ([173.249.33.206])
by ellsberg.gnupg.com with esmtps (Exim 4.94.2 (Devuan))
(envelope-from <ipstream@onionmail.org>) id 1qeJLl-0007f6-UA
for <gnupg-users@gnupg.org>; Thu, 07 Sep 2023 20:03:30 +0200
Received: from localhost
by mail.onionmail.org (ZoneMTA) with API id 18a70d0376f000206c.001
for <gnupg-users@gnupg.org>; Thu, 07 Sep 2023 18:03:28 +0000
X-Zone-Loop: e131ce5177dbde86ce425a3a5ddb498325946643d49d
To: gnupg-users@gnupg.org
Subject: gpg: signing failed: No secret key
Date: Thu, 07 Sep 2023 18:03:28 +0000
Message-ID: <268a77d8-45c3-5219-9571-6ee1a989cd34@onionmail.org>
MIME-Version: 1.0
X-BeenThere: gnupg-users@gnupg.org
X-Mailman-Version: 2.1.35
Precedence: list
List-Id: Help and discussion among users of GnuPG <gnupg-users.gnupg.org>
List-Unsubscribe: <https://lists.gnupg.org/mailman/options/gnupg-users>,
<mailto:gnupg-users-request@gnupg.org?subject=unsubscribe>
List-Archive: <https://lists.gnupg.org/pipermail/gnupg-users/>
List-Post: <mailto:gnupg-users@gnupg.org>
List-Help: <mailto:gnupg-users-request@gnupg.org?subject=help>
List-Subscribe: <https://lists.gnupg.org/mailman/listinfo/gnupg-users>,
<mailto:gnupg-users-request@gnupg.org?subject=subscribe>
From: isp_stream via Gnupg-users <gnupg-users@gnupg.org>
Reply-To: isp_stream <ipstream@onionmail.org>
Content-Type: multipart/mixed; boundary="===============1564869149125821414=="
Errors-To: gnupg-users-bounces@gnupg.org
Sender: "Gnupg-users" <gnupg-users-bounces@gnupg.org>
Ici, la suite des entêtes Received est parfois interrompu par les résultats des filtres DKIM et DMARC, si nous les extrayons, c'est plus facile à lire :
Received: from mx0.infini.fr (1.lvs.ha01.infini.local [192.168.101.64])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by dov02.infini.local (Postfix) with ESMTPS id 94FE92891ABE
for <utilisateur@compte_infini.fr>; Thu, 7 Sep 2023 20:05:13 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
by mx0.infini.fr (Postfix) with ESMTP id 5F23E4747C59
for <utilisateur@compte_infini.fr>; Thu, 7 Sep 2023 20:05:13 +0200 (CEST)
Received: from mx0.infini.fr ([127.0.0.1])
by localhost (mel01.infini.local [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id E2iJUjKybogd for <utilisateur@compte_infini.fr>;
Thu, 7 Sep 2023 20:05:11 +0200 (CEST)
Received: from lists.gnupg.org (lists.gnupg.org [217.69.76.57])
by mx0.infini.fr (Postfix) with ESMTP id DCA7D4747C52
for <utilisateur@compte_infini.fr>; Thu, 7 Sep 2023 20:05:09 +0200 (CEST)
Received: from localhost ([127.0.0.1] helo=trithemius.gnupg.org)
by lists.gnupg.org with esmtp (Exim 4.84_2 #2 (Debian))
id 1qeJLt-0000pv-QO; Thu, 07 Sep 2023 20:03:37 +0200
Received: from ellsberg.gnupg.com ([176.9.119.14])
by lists.gnupg.org with esmtps (Exim 4.84_2 #2 (Debian))
id 1qeJLm-0000pi-FX
for <mm.gnupg-users@lists.gnupg.org>; Thu, 07 Sep 2023 20:03:30 +0200
Received: from mail.onionmail.org ([173.249.33.206])
by ellsberg.gnupg.com with esmtps (Exim 4.94.2 (Devuan))
(envelope-from <ipstream@onionmail.org>) id 1qeJLl-0007f6-UA
for <gnupg-users@gnupg.org>; Thu, 07 Sep 2023 20:03:30 +0200
Received: from localhost
by mail.onionmail.org (ZoneMTA) with API id 18a70d0376f000206c.001
for <gnupg-users@gnupg.org>; Thu, 07 Sep 2023 18:03:28 +0000
(...)