This Flask application allows users to upload email files or paste raw email headers for analysis. It provides a detailed report on email headers, attachments, IP addresses involved in the email path, and checks for possible email spoofing.

• Parse email headers and extract important information.
• Scan email attachments using VirusTotal API.
• Visualize the path of the email based on IP addresses.
• Check for potential email spoofing by analyzing SPF, DKIM, and DMARC results.
• Generate a visual report of the email's journey through different IPs.

Ensure you have the following installed:

• Python 3.7 or higher
• pip (Python package installer)

1. Clone the repository:

   git clone https://github.com/yourusername/email-header-analyzer.git
   cd email-header-analyzer

2. Install dependencies:

   pip install -r requirements.txt

3. Set up VirusTotal API key:

   • Obtain an API key from VirusTotal.
   • Replace the placeholder VT_API_KEY in the app.py file with your actual VirusTotal API key.

1. Run the application:

   python app.py

2. Access the application:

   Open a web browser and navigate to http://127.0.0.1:5000/.

3. Analyze an email:

   • Upload an email file or paste raw email headers.
   • Click "Analyze" to view the detailed report.

• app.py: The main Flask application file.
• templates/: Folder containing HTML templates.
  • index.html: The homepage template for uploading files or pasting email headers.
  • result.html: The template for displaying analysis results.
• requirements.txt: List of dependencies required to run the application.
• README.md: This file, providing an overview and setup instructions.

Contributions are welcome! Please feel free to submit a Pull Request or report any issues.

• VirusTotal for providing the API for scanning email attachments.
• IPWhois for the IP geolocation functionality.
• Flask for the web framework.
• Matplotlib for data visualization.