Validating Adobe signature email

Hi @ls_rbls ,

I wasnt very clear - we have received a document from a client that has certificate-based digital signatures - it is all verified.  The document was not sent for signing from us and we are wanting to know how we can verify what email address the document was sent to for signing.  Is there any way to do this?

I hope that makes a little more sense.

Thanks,

Kelly

++Edited reply , fixed some typos

Well, in this particular case, I assume that because the file wasn't shared using the Adobe Document Could nor distributed through Adobe Sign,   it makes it a little more complicated as to how to trace it back to the original sender.

However, if the PDF was sent in an email as an attachment, then I can think of two possibile ways to find that information based on the context of how the file was emailed.

For instance, my first back-tracing attempt would be based on the assumption that the PDF was sent to you by the last person who signed it with a digital signature certificate. In which case, you can retrieve the email address from that signer's digital certificate using Acrobat's Certificate Viewer.

To do that, open the PDF document in Adobe Acrobat, right-click on the desired signature field =>> select "Show Signature Properties..." from the context menu (shown in the slide below):

And then navigate through the process illustrated in the next two slides below:

• In the "Signature Properties" dialog window, click on the button "Show Signer's Certificate...".
• And on the next dialog window "Certificate Viewer", go to the "Details" tab =>> "Subject" or "Issuer" sections

NOTE:

If more than one person signed that document , you can obtain all emails from all the signers with the Certificate Viewer and establish a pattern of how the file might've been sent from signer to signer depending on which order the signatures were applied.

My second back-tracing attempt would be based on the assumption that your inquiry is not realted to Adobe Acrobat but more on which email client or email services were involved from user to user as they sent the file to one another to collect signatures. In which case, you may have to learn how to trace-back an email source with some forensic tools, I'm afraid.

Hopefully I was able to assist with my first suggestion.

But if that is not the case, you should examine the full email header that is associated with the sender(s) and start testing if IP addresses are valid (or still in use) and not obfuscated (or spoofed) with email encrypting technologies, but not limited to, firewalls, Proxies or VPNs layers as the file was sent over the Internet through countless network nodes (that can also block email back-tracing attempts due to enforcing online user anonymity).

Worst case scenario, if your source sender used a fake SMTP service (or an online email delivering platform with email sandboxing technologies), you're pretty much on your own in trying to learn some serious (and arcane) hacking wizardry.

You can try and see if the links below that I am sharing as official guidance from Microsoft, Google or wikiHow can help you to get familiarized with the complexities of email back-tracing:

• https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/inspect-message-a...
• https://support.google.com/mail/answer/29436?hl=en
• https://www.wikihow.com/Trace-an-Email