Understanding the information contained in an e-mail header

Updated: 09/03/2019 by Computer Hope

Example of an e-mail header

Below is an example of an e-mail header with an explanation about each of its sections.

Note

The following example is only an example and may not be the same as how your e-mail program or online service displays an e-mail header.

Delivered-To: [email protected]
Received: by 1.1.1.1 with SMTP id g2cs974866bue;
Sun, 21 Jan 2007 10:40:50 -0800 (PST)
Received: by 1.1.1.1 with SMTP id o6mr53068agc.11694048335;
Sun, 21 Jan 2007 10:40:49 -0800 (PST)
Return-Path: <[email protected]>
Received: from web58308.mail.re3.yahoo.com (web58308.mail.re3.yahoo.com [1.1.1.1])
by mx.computerhope.com with SMTP id 9si5512040agc.2007.01.21.10.40.48;
Sun, 21 Jan 2007 10:40:49 -0800 (PST)
Received-SPF: pass (computerhope.com: domain of [email protected] designates 1.1.1.1 as permitted sender)
DomainKey-Status: good (test mode)
Received: (computerhope 52644 invoked by uid 60001); 21 Jan 2007 18:40:48 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
b=efbVrw8c8wqr4eSQzCeW7649jwVofY/e5lXFywYad7Q/Tns7dS5p/OZCKCZA=;
X-YMail-OSG: JF41QboVM1mJ19dW6KPDoUWVXm.95cEcw-
 Received: from [1.1.1.1] by web58308.mail.re3.yahoo.com via HTTP; Sun, 21 Jan 2007 10:40:48 PST
Date: Sun, 21 Jan 2007 10:40:48 -0800 (PST)
From: Fake Mail <[email protected]>
Subject: Re: test e-mail
To: [email protected]
MIME-Version: 1.0
Content-Type: multipart/related; boundary="0-842682536-1169404848=:50690"
Content-Transfer-Encoding: 8bit
Message-ID: <[email protected]>

--0-842682536-1169404848=:50690
Content-Type: multipart/alternative; boundary="0-1777241646-1169404848=:50690"

--0-1777241646-1169404848=:50690
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Apparently-To, Delivered-To, and To:

The lines that begin with Delivered-To and To contain the e-mail address of who is receiving the e-mail.

From:

The line that begins with From is who sent the e-mail.

In-Reply-To:

Although not displayed on the example above (even though the subject contains Re:), lines beginning with In-Reply-To contain the message-id of the e-mail used for replies. Not all e-mail servers use this feature.

Cc:

The line beginning with Cc contains any e-mail address that was sent a carbon copy of the message.

Bcc:

Lines that begin with Bcc are any BCC (blind carbon copy) e-mail addresses that were also sent the e-mail. Although not all e-mail programs display this information because of privacy concerns, there are several programs that will.

Subject:

The Subject line contains the subject of the e-mail.

Return-Path:

The line beginning with Return-Path is what e-mail should be used if an error is encountered while the e-mail is being delivered.

Received:

Lines beginning with Received contain each of the mail servers that the e-mail has passed through to get to your Inbox. This section is useful in troubleshooting e-mails that are not getting to the destination because it contains the e-mail server, IP address, the date sent, and other useful information.

The Received line is also useful to indicate who sent the e-mail. Often the first Received line (the lowest on the list) is the mail server that originated the e-mail. However, spammers can create a fake (spoof) Received entry, making it appear that an e-mail passed through their server and that their server is not the e-mail's origin.

Message-ID:

The line starting with Message-ID is the assignment given to the e-mail message from the first e-mail server.

Lines beginning with "X-:" in the e-mail header

Lines beginning with X- are extra data that are not in any standard and used by mail servers and e-mail clients to provide information for sending e-mail. Below is a short list of some common X- lines you may see while viewing an e-mail header.

  • X-Complaints-To: - Where to direct your complaints you have about an e-mail you received.
  • X-Confirm-Reading-To: - Create an automatic response for read messages.
  • X-Errors-To: The address to send an e-mail to for any errors encountered.
  • X-Mailer: - Program used to send the e-mail.
  • X-PMFLAGS: - Additional information used with Pegasus Mail.
  • X-Priority: - Priority of sending e-mail.
  • X-Sender: - Additional information about the sender of the e-mail.
  • X-Spam-zzz: - Where zzz is any number of different spam tags relating to the Spam filter on the e-mail server. Some of these include: Checker-Version, Level, Report, and Status.
  • X-UIDL: - Used with e-mails distributed over POP (post office protocol).

Content-Type, Content-Transfer-Encoding, and MIME-version

Used by MIME (multipurpose Internet mail extensions) to know how to understand and display the e-mail in the e-mail program.