WhatMail is a command-line tool that analyzes the header of an email and provides detailed information about various fields. It extracts commonly recognized email header fields such as To From Subject Date Delivered-To as well as useful fields like Message-ID Return-Path Reply-To X-Headers MIME Version Content Type Received-SPF DKIM Signature Authentication-Results X-Mailer and DMARC Results.
This tool is useful for forensic analysis investigating email authenticity understanding email routing and gathering information about the email sender and recipient. The output is presented in a tabular format making it easy to read and analyze.
- Message-ID
- Return-Path
- Reply-To
- X-Headers
- MIME Version
- Content Type
- Received-SPF
- DKIM Signature
- Authentication Results
- X-Mailer
- DMARC Results
git clone https://github.com/z0m31en7/WhatMail.git
cd WhatMail
python WhatMail.py -hf {Path_to_header_file}
python WhatMail.py -hf header.txt
Analyzes the email header in the 'header.txt' file and displays the results on the console.
python WhatMail.py -hf header.txt -O analysis_results.txt
Analyzes the email header in the 'header.txt' file and saves the analysis results in the 'analysis_results.txt' file.
This project is licensed under the MIT-LICENSE