What is Email Header ? View email header in Gmail.
Satyajit (Admins,a.k.a Satosys)
Monday, October 28, 2019
Many people open there inbox in-order to check their email or send a email and then sign-out but what we do not know that there are indeed lot of things are carried out when we simply send or receive a email.
There is a detail report/history of all those things that are carried out and are attached with the email.
Yes, I am talking about email headers.They are kept hidden from normal user but we can certainly view it.
These headers comes very handy when tracing email, filtering spams, recording the Ip address of the sender etc. So, let's see what email header is all about and later in the post we will see how to get email header.
What is Email Header?
It is a record/report/history of the email which covers the path from the sender to the receiver and also contains the vital information about the email servers that it has encountered in its path.
Few emails also contain digital signature to detect the tampering of the email in the path.
What information we can get from Email headers?
As i mentioned above we can get the history of the email and the information on the path the email has traveled to reach us.Lets see what information we can get from it.....
1.When the sender has composed the message(Date,Time)
2.When the email was sent from the sender's PC to the email server.(Date,Time)
3.When the email was sent from the email server to the intended receiver.(Date,Time)
4.The type of protocol used in the entire path.
5.The PC of the sender can be identified from the Header.
6.The IP address of the sender but not always.
7.The type and the number of digital signatures on the email I mean the type of algorithm.
8.What type of email-client the sender has used to send the email
9.The ISP of the sender.
10.If any third party is using any tracking means.
How to view Header of an Email?
Here I have listed out not all but few of the web mail providers and email client using which you can get email header.
1.Gmail: Login in a standard version >Open email of your choice >Click the down arrow next to reply >Then select show original.
2.Yahoo: Login >Select the desired email >Click on action drop down menu >Select view full header.
3.Hotmail: Login >Select Inbox >Right click on the desired email >Select view message source.
1.Outlook Express: In order to view email header in outlook Open it >Select the desired email from Inbox >Right click on it and select Properties >Details.
2.Mozilla:Open it >Open the desired email > Click view menu >Message source.
How to read an Email Header.
Here I have taken the example of my Gmail account to explain, we will see how to view email header in gmail.
As mentioned above we first need to open up the header of any desired email as shown below.
This is what you will get in a new window as shown below.
As you can see i have divided the whole header into 3 sections.It is worth mentioning that a header is always analyzed in bottom to top approach.This is because most of the vital informations about the sender is there at the bottom.You can say in the above image section1 is for destination mostly and section3 is for source mostly.
Section 3:
MIME-Version:1.0:MIME stands for Multipurpose Internet Mail Extension. It tells about the types of attachments in the email.It allows to send sound,graphics etc.Here the Mime-Version field shows that it is currently in 1.0.
Received:by :It show the time and date the email reached the Gmail server.
In-Reply-to: and References : Both are same,as the name shows it means whether the sender has sent an reply to the past message or is a direct new message.If it is a reply message then it contains the reference of the past message.This is an unique number.
Message-ID:This show the system from which the email has originated,I mean the senders's PC.It can be changed or forged easily.This is also a unique number.
To: and From: It gives the sender's and receivers email-id.
Content type:What type of content is there in the email ie. text or image or anything else.
Section 2:
What is DKIM-Signature?
DKIM(DomainKeys Identified Mail) is a digital signature put on every email we send or receive through email servers.It is used because the emails cannot be tampered or altered in its path.This mechanism is also used in spam filters as spam do not have any digital signature.
In the above image there are certain values let me explain.
v=Version
a=The algorithm used by Sender or Originating Web mail provider.
c=canonicalization algorithm of header and body.
d=Sender or Originating Web mail provider.
s=Selector
h=Contains the list of all the digital signature done on this email.
bh=Body hash
b=Digital signature of header and body.
Section 1:
Delivered-To:It contains the email-id of the receiver.
Received:by : You can see there is a 2 second difference in time between the "received by:" in section 3 and section 2.It shows the time and date the email reaches the gmail server.
Return-Path: The sender's email-id.
Received :from :Specifies the Ip address of the sender generally in "[ ]" but in gmail it is masked by the gmail server address.
This video explain in detail the insights into what is Email Header using Mozilla Thunderbird client.
If you find this post worth reading then do drop a comment,it will be appreciated.
There is a detail report/history of all those things that are carried out and are attached with the email.
Yes, I am talking about email headers.They are kept hidden from normal user but we can certainly view it.
These headers comes very handy when tracing email, filtering spams, recording the Ip address of the sender etc. So, let's see what email header is all about and later in the post we will see how to get email header.
What is Email Header?
It is a record/report/history of the email which covers the path from the sender to the receiver and also contains the vital information about the email servers that it has encountered in its path.
Few emails also contain digital signature to detect the tampering of the email in the path.
What information we can get from Email headers?
As i mentioned above we can get the history of the email and the information on the path the email has traveled to reach us.Lets see what information we can get from it.....
1.When the sender has composed the message(Date,Time)
2.When the email was sent from the sender's PC to the email server.(Date,Time)
3.When the email was sent from the email server to the intended receiver.(Date,Time)
4.The type of protocol used in the entire path.
5.The PC of the sender can be identified from the Header.
6.The IP address of the sender but not always.
7.The type and the number of digital signatures on the email I mean the type of algorithm.
8.What type of email-client the sender has used to send the email
9.The ISP of the sender.
10.If any third party is using any tracking means.
How to view Header of an Email?
Here I have listed out not all but few of the web mail providers and email client using which you can get email header.
Web mail providers:
1.Gmail: Login in a standard version >Open email of your choice >Click the down arrow next to reply >Then select show original.
2.Yahoo: Login >Select the desired email >Click on action drop down menu >Select view full header.
3.Hotmail: Login >Select Inbox >Right click on the desired email >Select view message source.
Email Desktop Clients:
1.Outlook Express: In order to view email header in outlook Open it >Select the desired email from Inbox >Right click on it and select Properties >Details.
2.Mozilla:Open it >Open the desired email > Click view menu >Message source.
How to read an Email Header.
Here I have taken the example of my Gmail account to explain, we will see how to view email header in gmail.
As mentioned above we first need to open up the header of any desired email as shown below.
(Click on the image to zoom it.) |
(Click on the image to zoom it.) |
Section 3:
(Click on the image to zoom it.) |
Received:by :It show the time and date the email reached the Gmail server.
In-Reply-to: and References : Both are same,as the name shows it means whether the sender has sent an reply to the past message or is a direct new message.If it is a reply message then it contains the reference of the past message.This is an unique number.
Message-ID:This show the system from which the email has originated,I mean the senders's PC.It can be changed or forged easily.This is also a unique number.
To: and From: It gives the sender's and receivers email-id.
Content type:What type of content is there in the email ie. text or image or anything else.
(Click on the image to zoom it.) |
DKIM(DomainKeys Identified Mail) is a digital signature put on every email we send or receive through email servers.It is used because the emails cannot be tampered or altered in its path.This mechanism is also used in spam filters as spam do not have any digital signature.
In the above image there are certain values let me explain.
v=Version
a=The algorithm used by Sender or Originating Web mail provider.
c=canonicalization algorithm of header and body.
d=Sender or Originating Web mail provider.
s=Selector
h=Contains the list of all the digital signature done on this email.
bh=Body hash
b=Digital signature of header and body.
Section 1:
Delivered-To:It contains the email-id of the receiver.
Received:by : You can see there is a 2 second difference in time between the "received by:" in section 3 and section 2.It shows the time and date the email reaches the gmail server.
Return-Path: The sender's email-id.
Received :from :Specifies the Ip address of the sender generally in "[ ]" but in gmail it is masked by the gmail server address.
This video explain in detail the insights into what is Email Header using Mozilla Thunderbird client.
If you find this post worth reading then do drop a comment,it will be appreciated.
What is Email Header ? View email header in Gmail.
Reviewed by Satyajit (Admins,a.k.a Satosys)
on
Monday, October 28, 2019
Rating: