Add-ons
EagleEye: Advanced Email Forensics 1.0
توسط mcortt
Advanced email forensics. Maps hops, detects VPNs, and provides deep security analysis.
دربارهی این افزودنی
EagleEye: Advanced Email Forensics
EagleEye provides a professional heads-up display for email security. By analyzing the hidden "Received" headers and cryptographic signatures of your incoming mail, it unmasks the true identity and reputation of every sender before you interact with the message.
TRAFFIC LIGHT ALERT SYSTEM (TLP)
EagleEye uses an advanced hierarchy to determine the safety of your inbox:
KEY FEATURES
REQUIRED SETUP
EagleEye is a "Bring Your Own Key" (BYOK) extension. It will not function without obtaining free-tier API keys from the following providers:
PRIVACY PROMISE
EagleEye runs 100% locally on your machine.
EagleEye provides a professional heads-up display for email security. By analyzing the hidden "Received" headers and cryptographic signatures of your incoming mail, it unmasks the true identity and reputation of every sender before you interact with the message.
TRAFFIC LIGHT ALERT SYSTEM (TLP)
EagleEye uses an advanced hierarchy to determine the safety of your inbox:
- RED: High Risk
- Blocked Country: IP matches your custom blacklist.
- High Abuse Score: Reputation exceeds your personalized risk tolerance.
- DKIM Failure: Cryptographic proof that the email was tampered with in transit.
- SPF Failure: Proof of spoofing (unless validated by ARC).
- ORANGE: Caution
- Auth Issue: DMARC failure or SPF Softfail.
- Hidden Identity: Sender is masking their location via VPN, Tor, or Proxy.
- Suspicious Reputation: Low-level abuse history detected.
- GREEN: Clean
- Verified Cloud: Sender is confirmed to be using trusted infrastructure like Microsoft 365 or Google Workspace.
- Safe Origin: Transparent identity and clean reputation score.
KEY FEATURES
- REAL-TIME FORENSICS: Instant banner alerts (Red/Orange/Green) inside the message header.
- AUTHENTICATION SUITE: Detailed status for SPF, DKIM, DMARC, and ARC.
- IDENTITY UNMASKING: Detects if a sender is hiding behind anonymity networks.
- ROUTING ANALYSIS: Visualizes every server hop, location, and ISP (ASN).
- ONE-CLICK INVESTIGATION: Deep-link directly to global threat reports.
SECURITY DISCLAIMERS
- "Clean" is not "Safe": A "Clean Sender" status only indicates that the sending infrastructure has a neutral reputation and identity markers (SPF/DKIM) are valid. It does not guarantee the content of the email is safe. Always practice Zero Trust with links and attachments.
- Not a Cryptographic Verifier: EagleEye is a forensic reporting tool that displays the results of authentication checks performed by your mail server. It is not a replacement for dedicated cryptographic verification extensions like DKIM Verifier.
REQUIRED SETUP
EagleEye is a "Bring Your Own Key" (BYOK) extension. It will not function without obtaining free-tier API keys from the following providers:
- AbuseIPDB: Required for reputation scoring.
- vpnapi.io: Required for VPN and anonymity detection.
- ipinfo.io: Optional for enhanced geographic mapping.
PRIVACY PROMISE
EagleEye runs 100% locally on your machine.
- No tracking or telemetry.
- No middleman servers.
- IP data is sent directly to the API providers and nowhere else.
- Internal storage is automatically purged daily.
