At a first sketch, the answer is: it depends on the circumstances. There is not a general rule that is always valid. Usually, we consider the e-mails as not trustable at all. They are plain text exchanged between servers without any kind of guarantee. E-mails as evidence are prone to cheating. Both the authenticity and the integrity of a generic e-mail file cannot be verified. The main reason is that the e-mail files could be easily forged. In some circumstances, the forgery could be very subtle and hard to identify. However, in some circumstances, both the authenticity and the integrity can be verified; without resorting to any invasive tool. Several e-mail servers may apply specific spam countermeasures that could help to verify the message. We point out a method to take advantage of these mechanisms for checking some properties of e-mail messages. Moreover, we sketch the conditions of applicability of this method. In some countries, such as in Italy, there is in place a so called Registered e-mail service, that provides by design e-mail integrity, authenticity, and date certainty. In that case no further methods are required.
Amoroso, A. (2018). Are E-mails Files Reliable Evidences?. Institute of Electrical and Electronics Engineers Inc. [10.1109/PIMRC.2018.8580880].
Are E-mails Files Reliable Evidences?
Amoroso, AlessandroPrimo
2018
Abstract
At a first sketch, the answer is: it depends on the circumstances. There is not a general rule that is always valid. Usually, we consider the e-mails as not trustable at all. They are plain text exchanged between servers without any kind of guarantee. E-mails as evidence are prone to cheating. Both the authenticity and the integrity of a generic e-mail file cannot be verified. The main reason is that the e-mail files could be easily forged. In some circumstances, the forgery could be very subtle and hard to identify. However, in some circumstances, both the authenticity and the integrity can be verified; without resorting to any invasive tool. Several e-mail servers may apply specific spam countermeasures that could help to verify the message. We point out a method to take advantage of these mechanisms for checking some properties of e-mail messages. Moreover, we sketch the conditions of applicability of this method. In some countries, such as in Italy, there is in place a so called Registered e-mail service, that provides by design e-mail integrity, authenticity, and date certainty. In that case no further methods are required.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
