How to Interpret Email Headers!
Ranked #20,253 in Internet, #621,261 overall | Donates to Hero Dogs, Inc
How to Interpret Email Headers
This is a basic and easy to understand overview of Interpreting Email Headers.
It is a mildly detailed explanation of tracing & locating where an email originated and the path taken through the internet.
Basically, an email header is the part of an email that comes before the body of the letter and contains information about the email including the senders email and date sent among other things.
The header of an email is the return address and route label of an email. But wouldn't it be nice if you could tell what server your email comes from?
It is a mildly detailed explanation of tracing & locating where an email originated and the path taken through the internet.
Basically, an email header is the part of an email that comes before the body of the letter and contains information about the email including the senders email and date sent among other things.
The header of an email is the return address and route label of an email. But wouldn't it be nice if you could tell what server your email comes from?
How to Interpret Email Headers (Basically)!
By: G.E. Investigations, LLC & Mercurius Creative, LLC
Some of you may ask, What is an email header?
Basically, an email header is the part of an email that comes before the body of the letter and contains information about the email including the senders email and date sent among other things. The header of an email is the return address and route label of an email. But wouldn't it be nice if you could tell what server your email comes from? Or perhaps what servers your email had to go through before it came to you? Say hello to the Extended Header. An extended header includes much more than the subject, sender, recipient, and date and time, much like a documentation of the life of the email. Here is an example of a real extended header:
From: TheSquad@GeInvestigations.com
Subject: The Internet
Date: June 17, 2005 15:29:10 MST
To: TeamMajestic@TeamMajesticDesigns.com
Envelope-To: TeamMajestic@TeamMajesticDesigns.com
Received: from fet4uumtao07.sci.net ([68.230.942.32]) by reno.hostingweb.net
with esmtp (Exim 4.51) id 1DjRTW-0001Qd-Vo for
TeamMajestic@TeamMajesticDesigns.com; Fri, 17 Jun 2005 17:28:53 -0500
Received: from dragon ([66.0.164.345]) by fet1rmmtao07.sci.net
(InterMail vM.6.01.04.00 201-2131-118 -20041027) with ESMTP id
<20050617002833.QIKL1367. fet4uumtao07.sci.net @dragon> for
<teammajestic@teammajesticdesigns.com>; Fri, 17 Jun 2005 18:28:33 -0400
Organization: G.E. Investigations, LLC
Content-Type: text/plain; charset="us-ascii"
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
Message-Id: <20050617002833.QIKL1367. fet4uumtao07.sci.net@dragon>
X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
Note that depending on your mail client and what servers the email passed through there can be as many as 30 headers!
For time and space constraints, I will go over some of the most common extended headers.
Listed below is a description of the headers in the example above.
From: This is the header telling you who sent this email. This section of the header is created when the email is sent from "the sender", so it is possible that this is forged.
Subject: The subject of the letter as entered by "the sender".
Date: This is the time the message was sent or composed. It could also be the time it was sent from a mail server. It is also possible to forge this, but it also may be inaccurate as many computers across the world have their clocks set wrong.
To: This header tells you "the recipient" of the email (usually you or client). This section of the header is created when the email is sent from "the sender", so it is possible that this is forged also.
Envelope-To: This is the actual recipient. This cannot be forged easily, because this is created at the mail server, and is out of the sender's control. However a pro hacker could break into a mail server and change things, but it is a lot of trouble to go through.
Received: This header tells you where your email has been and is probably the most important header. There are usually multiple received headers, each one documenting the transfer of the email to each server until it reaches you. The most recent activity is at the top, and the oldest at the bottom of the list.
Organization: This is the organization that the sender is part of (i.e. Microsoft). It is possible that this is forged, because it can be created by "the sender".
Content-Type: This is a header that tells your mail program the type of file(s) that are in the email, including attachments. (i.e. picture, movie, program, etc)
X-Mailer: This header tells you what mail client or software "the sender" is using. It should also tell you the version number of the software. (for example Microsoft Office Outlook Build 11.0.6353)
Message-Id: This is the Id (identification) for your message. It is for keeping track of your email by the mail program or even the mail server.
X-Antivirus-Scanner: This tells you that the email has been checked for viruses. This by no means makes it safe, you should still use anti-virus software at all times.
As you can see, email headers can tell you a lot about the message and its life. They are a tool often used by system administrators to debug errors in a server, but can be manipulated by hackers and spammers and used to check where your mail is really coming from. This was just a quick overview on the subject of email headers. There will be a fully detailed handout on this subject at the October meeting.
If you have any questions, feel free to email us at TheSquad@GeInvestigations.com or Bo@MercuriusCreative.com
Basically, an email header is the part of an email that comes before the body of the letter and contains information about the email including the senders email and date sent among other things. The header of an email is the return address and route label of an email. But wouldn't it be nice if you could tell what server your email comes from? Or perhaps what servers your email had to go through before it came to you? Say hello to the Extended Header. An extended header includes much more than the subject, sender, recipient, and date and time, much like a documentation of the life of the email. Here is an example of a real extended header:
From: TheSquad@GeInvestigations.com
Subject: The Internet
Date: June 17, 2005 15:29:10 MST
To: TeamMajestic@TeamMajesticDesigns.com
Envelope-To: TeamMajestic@TeamMajesticDesigns.com
Received: from fet4uumtao07.sci.net ([68.230.942.32]) by reno.hostingweb.net
with esmtp (Exim 4.51) id 1DjRTW-0001Qd-Vo for
TeamMajestic@TeamMajesticDesigns.com; Fri, 17 Jun 2005 17:28:53 -0500
Received: from dragon ([66.0.164.345]) by fet1rmmtao07.sci.net
(InterMail vM.6.01.04.00 201-2131-118 -20041027) with ESMTP id
<20050617002833.QIKL1367. fet4uumtao07.sci.net @dragon> for
<teammajestic@teammajesticdesigns.com>; Fri, 17 Jun 2005 18:28:33 -0400
Organization: G.E. Investigations, LLC
Content-Type: text/plain; charset="us-ascii"
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
Message-Id: <20050617002833.QIKL1367. fet4uumtao07.sci.net@dragon>
X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
Note that depending on your mail client and what servers the email passed through there can be as many as 30 headers!
For time and space constraints, I will go over some of the most common extended headers.
Listed below is a description of the headers in the example above.
From: This is the header telling you who sent this email. This section of the header is created when the email is sent from "the sender", so it is possible that this is forged.
Subject: The subject of the letter as entered by "the sender".
Date: This is the time the message was sent or composed. It could also be the time it was sent from a mail server. It is also possible to forge this, but it also may be inaccurate as many computers across the world have their clocks set wrong.
To: This header tells you "the recipient" of the email (usually you or client). This section of the header is created when the email is sent from "the sender", so it is possible that this is forged also.
Envelope-To: This is the actual recipient. This cannot be forged easily, because this is created at the mail server, and is out of the sender's control. However a pro hacker could break into a mail server and change things, but it is a lot of trouble to go through.
Received: This header tells you where your email has been and is probably the most important header. There are usually multiple received headers, each one documenting the transfer of the email to each server until it reaches you. The most recent activity is at the top, and the oldest at the bottom of the list.
Organization: This is the organization that the sender is part of (i.e. Microsoft). It is possible that this is forged, because it can be created by "the sender".
Content-Type: This is a header that tells your mail program the type of file(s) that are in the email, including attachments. (i.e. picture, movie, program, etc)
X-Mailer: This header tells you what mail client or software "the sender" is using. It should also tell you the version number of the software. (for example Microsoft Office Outlook Build 11.0.6353)
Message-Id: This is the Id (identification) for your message. It is for keeping track of your email by the mail program or even the mail server.
X-Antivirus-Scanner: This tells you that the email has been checked for viruses. This by no means makes it safe, you should still use anti-virus software at all times.
As you can see, email headers can tell you a lot about the message and its life. They are a tool often used by system administrators to debug errors in a server, but can be manipulated by hackers and spammers and used to check where your mail is really coming from. This was just a quick overview on the subject of email headers. There will be a fully detailed handout on this subject at the October meeting.
If you have any questions, feel free to email us at TheSquad@GeInvestigations.com or Bo@MercuriusCreative.com
RSS: G.E. Investigations Blog
This is the OFFICIAL Blog of G.E. Investigations, LLC
G.E. Investigations, LLC Twitter
Official G.E. Investigations Twitter Page!
G.E. Investigations, LLC FaceBook
Official G.E. Investigations FaceBook Page
Facebook Fan box widget may not always appear in the Workshop. Please preview or publish your lens to see the widget.
G.E. Investigations, LLC YouTube
Official G.E. Investigations, LLC YouTube Channel
G.E. Investigations, LLC Google Maps
Official Office of G.E. Investigations, LLC
G.E. Investigations, LLC Amazon Recommendations
G.E. Investigations, LLC uses many devices and occasionally we find something AWESOME to share with you!
If you loved Keurig B40 Elite Brewing System, you might also enjoy:
by GeInvestigations
Greetings & Salutations from G.E. Investigations, LLC
The President and Senior Investigator of G.E. Investigations, LLC has served his country in t...
more »
- 0 featured lenses
- Top lens »
Feeling creative?
Create a Lens!
Explore related pages
- Smartphone Security Smartphone Security
- Fun Game Websites for Kids - 12 and Under Fun Game Websites for Kids - 12 and Under
- Bullying in Elementary Schools: Helping Children Cope Bullying in Elementary Schools: Helping Children Cope
- How to Become a Billionaire in Three Minutes How to Become a Billionaire in Three Minutes
- QR Codes 101 QR Codes 101
- Shopping Safely Online Shopping Safely Online
