Martha's Web

 

 

University of Delaware Police Computer Forensics Lab


Reading Email Headers

Just about everyone connected to the Internet has at least one email address, and a lot of us have more than one. Besides the email address provided to us by our ISP, we may have a Hotmail account, a Yahoo email account, a Gmail account and, if we have a website, an email account for our domain.

Some of us get lots of email and a lot of it is unwelcome, like spam, phishes or missives with viruses attached. Most of the savvy users of email have figured out to delete spam email unopened and also not to open attachments, especially from strangers. Some of us are aware that emails can be 'spoofed', made to appear as if they came from someone other than the actual sender. But not too many of us really know how to find out if the sender is actually the real deal or someone with a bad agenda in mind.

So with this in mind, I am determined to learn how to read 'email headers', the information about the sender that is usually hidden and requires a certain amount of 'digging' to ferret out who really sent that email.

So using my trusty Google, I started to search for information. I used 'reading email headers' as my keywords and unearthed a virtual ton of information.

The very first 'hit' was this site, StopSpam.org. It makes sense that a 'Stop Spam' site would know how to read those headers! Rather than go into a lengthy description of the information provided by this site, in just a few words: the first page told me what I already knew, that your email to Aunt Gertie doesn't go directly from your computer to Aunt Gertie's computer. Depending on any number of factors, it may go halfway or all the way around the world from one server to another before it shows up in Aunt Gertie's inbox.

There is a wealth of information here. Take your time to read it; it does require study, as there is too much to absorb just by reading it once. Unless of course you have an exceptional memory, which does not apply to me!

The next 'hit' was here, The University of Illinois at Chicago. This is pretty cool: it tells you how to 'dig' and get those headers in a number of email clients. I found it interesting that it didn't tell how to find the headers in Outlook Express, which is probably the most used email program since it comes with Windows.

According to this site, the header at the top is the last one added. A good thing to know if you are trying to figure out where the email really came from. Again, take your time to read and study the information.
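To show what "the header at the top is the last one added" means in practice, here is a short Python example added for this page (it is not code from any of the sites mentioned). The message, host names and addresses in it are constructed placeholders.

```python
import email
import ipaddress
import re

# Constructed sample message; hosts and addresses are documentation-range placeholders.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])
\tby mailstore.recipient.example with ESMTP id A1; Tue, 02 Jan 2024 10:00:05 +0000
Received: from relay.isp.example (relay.isp.example [203.0.113.25])
\tby mx.recipient.example with ESMTP id B2; Tue, 02 Jan 2024 10:00:03 +0000
Received: from bank.example (unknown [192.0.2.44])
\tby relay.isp.example with SMTP id C3; Tue, 02 Jan 2024 10:00:01 +0000
From: "Your Bank" <support@bank.example>
To: gertie@recipient.example
Subject: Please verify your account

Body text.
"""

IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def _field(pattern, text):
    m = re.search(pattern, text)
    return m.group(1) if m else None

def received_hops(raw):
    """Return the Received hops oldest-first (each server prepends, so reverse)."""
    msg = email.message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        text = " ".join(value.split())          # unfold continuation lines
        ip = _field(IP_RE, text)
        try:
            ip = str(ipaddress.ip_address(ip)) if ip else None
        except ValueError:
            ip = None                            # bracketed text was not an address
        hops.append({"claimed": _field(r"\bfrom\s+(\S+)", text),  # name the sender gave
                     "ip": ip,                                    # address the server saw
                     "by": _field(r"\bby\s+(\S+)", text)})        # server that wrote the line
    return hops

def origin_ip(raw):
    """IP recorded by the earliest hop that logged one, or None."""
    return next((h["ip"] for h in received_hops(raw) if h["ip"]), None)

if __name__ == "__main__":
    for n, hop in enumerate(received_hops(SAMPLE), 1):
        print(n, hop["claimed"], hop["ip"], "->", hop["by"])
    print("earliest recorded IP:", origin_ip(SAMPLE))
```

Only the Received lines written by servers you trust are reliable; anything below them could have been typed in by the sender, so treat the earliest address as a lead to check, not as proof.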

Further down the list of sites displayed by Google I chose this one, The University of Rochester, New York. This site explains how to get the headers in a more comprehensive list of email programs, including Outlook Express.

Finally I came to About.com's site, Reading the Email Header. This site is pretty good at teaching how to spot a 'spoof'. Recommended reading!

There are over 48 million sites listed in this search. Probably a lot of them are not really what you want to see, but you get the picture: email headers are important and we need to learn how to read them!

Now, after all of this discourse about how to read email headers, I have found a really nifty little program called IPNetInfo. You just bring up the headers, copy and paste them into IPNetInfo, and it does the work of reading those headers for you. In some cases it will even give you the email address of where to report spam! You can get IPNetInfo from Nirsoft.net.

Have fun!