# Is It Possible ?



## stephencoff (Jan 9, 2007)

Can anyone assist ?
Is it possible to make a fake email ? 
An email that shows as being sent to a person that has never gone, with attachments ?

If so is there a way of telling its fake ?

Regards
Stephen


----------



## kiwiguy (Aug 17, 2003)

What you are asking for is akin to hacking or at best the creation of misleading information, therefore the forum rules are likely to prevent any such help.


----------



## GCDude (Apr 1, 2005)

I think you are misreading his questions somewhat there kiwiguy. This is how i read it:-



stephencoff said:


> Can anyone assist ?
> Is it possible to make a fake email ?


Yes you can fake emails.



stephencoff said:


> An email that shows as being sent to a person that has never gone, with attachments ?


Not sure i follow this  You can see an email in someones sent folder, but how can you tell its actually been sent?



stephencoff said:


> If so is there a way of telling its fake ?
> 
> Regards
> Stephen


You can tell a fake email when you receive it, as the internet headers wont tally fully. If you have outlook, click on the email and open options. You can see internet headers at the bottom. You should expect email to come from certain mail servers.


----------



## slurpee55 (Oct 20, 2004)

You could certainly pretend that an email was sent on a machine - just make up the message, click on send later - that will store it in the outbox temporarily (or save as a draft and it will be saved in that folder). Then go to whichever of these you stored it in and drag it to the sent items folder, click on it to make it read and voila - there is a message in your sent items that never was sent.


----------



## slurpee55 (Oct 20, 2004)

But telling if it was ever sent? I compared the headers from such a fake email and a real one and, aside from the time, recipient, and subject they were identical. So, yep, someone could pretend an email was sent and use their sent messages as "proof" but not have done so.
Was that your question?


----------



## sherrine (May 16, 2007)

slurpee55 said:


> But telling if it was ever sent? I compared the headers from such a fake email and a real one and, aside from the time, recipient, and subject they were identical. So, yep, someone could pretend an email was sent and use their sent messages as "proof" but not have done so.
> Was that your question?


is there really no way to prove that the fake email was never sent to the receipient?

i've a case whereby somebody claimed that he sent an email to me the day before and he attached that email with these details: FROM: blank, TO: my name, Timestamp: yesterday date and time. However, I'm very sure I have never receive this email before.

I've not checked the email header details but i'm intending to do so tomorrow when i get back to work. but u said all the info were identical except time (which he can fake by changing the system timing), receipient (he can fake this) and subject (can be faked too). If this is the case, then I won't be able to find any evidence of him faking the email that was never sent to me by just looking at the email header details!!! 

Can somebody help me??!?!


----------



## kiwiguy (Aug 17, 2003)

If this is on a company server (since you say "at work"), the server should have a record. You should talk to IT support?


----------



## slurpee55 (Oct 20, 2004)

Yes, if the mail went through a server, it will have left a trace. But if you have a responsible ISP, they may refuse, so....


----------



## WendyM (Jun 28, 2003)

Since you're at work, is it possible that your company has filters that may have prevented the email from getting to you? He may have actually sent the email but there might have been something in the content that caused it to get flagged and not delivered. Doubtful, but possible. You should definitely check with your IT people, although depending on the set up it might be difficult for them to locate and restore a particular message from a particular time and they might be unwilling to do it without a compelling justification.


----------



## kiwiguy (Aug 17, 2003)

slurpee55 said:


> Yes, if the mail went through a server, it will have left a trace. But if you have a responsible ISP, they may refuse, so....


I was assuming this was an "internal email" within a company, that would not (necessarily) have used an ISP, only a corporate server?


----------



## johnske (Jun 23, 2004)

In your browser File > Properties > Details should give all the details you need to check whether it's "real"...


----------



## sherrine (May 16, 2007)

thanks for all ur responses!  

yes it's an internal email. i've logged an IT call to get the IT people to investigate but not too sure how successful it'll be.

think the likelihood of the content being filtered is very low cos it only contained 3 letters and 8 digits in the reply email he claimed that he sent me.

i've checked File > Properties > General > nothing unusual there except text is in rich text format (could it be the result of using a certain program to edit the email?)

oso checked File > Properties > Message Id > it's blank

den i oso checked View > Options > Internet header > this is blank too (found it weird but i tried to check for my past emails with attachment emails and there are some which have blank internet header too.)

so it left me clueless..... maybe the strongest point i can make is that both the message id and the internet header are blank whereas for my other emails, i will either have the message id or the internet header details or both. however, i can't come to any conclusion based on this.  

another clue might be that the From: field is blank - he has no reason to hide his name as the sender as i've been communicating with him for 2 months and this is the first time where i find his name missing in the header! and from conversations with my other colleagues, one of them came across a similar scenario with him! hence his integrity is kind of doubtful...

any other idea how to find more clues? else i'll have to wait for the IT people to get back to me..


----------



## johnske (Jun 23, 2004)

Hmmm, from memory there's a way of sending email with a blank "From" field - I think it's by using CDO. CDO doesn't use your mailbox to send email and you can send mail without a mail program or mail account - see here > http://www.rondebruin.nl/cdo.htm


----------



## BanditFlyer (Oct 25, 2005)

sherrine said:


> is there really no way to prove that the fake email was never sent to the receipient?
> 
> i've a case whereby somebody claimed that he sent an email to me the day before and he attached that email with these details: FROM: blank, TO: my name, Timestamp: yesterday date and time. However, I'm very sure I have never receive this email before.
> 
> ...


I don't think you can find any evidence that it was never sent. What you _can_ do is ask that he send you a read-receipt with every future email to ensure that you get all future emails. And at this point, I don't see how he could refuse. If it's (allegedly) important to _him_ that you read the message, he's pretty much boxed into a corner on that one.


----------



## The Stealthy One (May 15, 2007)

I will tell you this (and it's not tech-related!): if he's your employee, fire him! Folks like that are head-ache inducers (at the least).


----------

