|
|
|
|
EMAIL HEADERS
|
Anatomy of an Email Message
An email basically has two parts: the header and the body (it also has the envelope but users never see it - it is used internally by the Message Transfer Agent to route the message). When you receive an email, the header tells you where it came from, how it was sent and when. It's like an electronic postmark. And the body contains the message itself.
Now, we'll look at a typical email message to find out what information it contains.
Return-Path: <dimm@mailstart.com>
Received: from mail.mailstart.com (mail.mailstart.com [111.111.111.111]) by
mailhost.mailfinish.com (8.12.10/8.12.10) with ESMTP id i0IDFFjs052778 for
<rimus@mailfinish.com>; Sun, 20 Jan 2004 16:15:50 -0400 (EDT)
Received: from matrix.mailstart.com (matrix.mailstart.com [111.111.111.112]
verified) by mail.mailstart.com (8.8.5) id 247842041; Sun, 20 Jan 2004
16:15:15 -0400
From: dimm@mailstart.com (Dimm Jones)
To: rimus@mailfinish.com
Date: Sun, 20 Jan 2004 16:15:13 EDT
Message-Id: <200401181315.i0IDFFjs052778@mail.mailstart.com>
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Subject: Mail Test.
|
Hi...
This is a mail test...
|
The Header
The birth of a mail header.
A message header is text at the top of an email that appear when you click the "Send" button in an email client and gather additional lines while traveling through the Internet. Each header transmitted as a single line of text. Some of them are mandatory (Date, From, To...). Others are optional but widely used (Subject, Cc, Reply-To, Received, Message-Id). Any others are ignored by the mail system but all headers are propagated, recognized or not.
Let's watch the evolution of these headers by extracting the headers from a message during it's lifetime.
The user Dimm Jones (dimm@mailstart.com) composed a letter to his friend Rimus (rimus@mailfinish.com) and wants to send it from his workstation (called, for example, matrix.mailstart.com).
This is what the headers look like when the message was generated by Dimm's mailer (Microsoft Outlook Express) and handed off to mail.mailstart.com:
From: dimm@mailstart.com (Dimm Jones)
To: rimus@mailfinish.com
Date: Sun, 20 Jan 2004 16:15:13 EDT
Message-Id: <200401181315.i0IDFFjs052778@mail.mailstart.com>
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Subject: Mail Test.
|
Return-Path: <dimm@mailstart.com>
Received: from matrix.mailstart.com (matrix.mailstart.com [111.111.111.112]
verified) by mail.mailstart.com (8.8.5) id 247842041; Sun, 20 Jan 2004
16:15:15 -0400
From: dimm@mailstart.com (Dimm Jones)
To: rimus@mailfinish.com
Date: Sun, 20 Jan 2004 16:15:13 EDT
Message-Id: <200401181315.i0IDFFjs052778@mail.mailstart.com>
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Subject: Mail Test.
|
Return-Path: <dimm@mailstart.com>
Received: from mail.mailstart.com (mail.mailstart.com [111.111.111.111]) by
mailhost.mailfinish.com (8.12.10/8.12.10) with ESMTP id i0IDFFjs052778 for
<rimus@mailfinish.com>; Sun, 20 Jan 2004 16:15:50 -0400 (EDT)
Received: from matrix.mailstart.com (matrix.mailstart.com [111.111.111.112]
verified) by mail.mailstart.com (8.8.5) id 247842041; Sun, 20 Jan 2004
16:15:15 -0400
From: dimm@mailstart.com (Dimm Jones)
To: rimus@mailfinish.com
Date: Sun, 20 Jan 2004 16:15:13 EDT
Message-Id: <200401181315.i0IDFFjs052778@mail.mailstart.com>
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Subject: Mail Test.
|
Reading Email Headers
The ability to read and decipher email headers is a useful skill to learn for tracing messages to their original source and diagnosing many other problems. Headers may contain a lot of information but the most important information will always be contained in every email header.
Practically, the "Received" header lines are the most important. Each "Received" line represents one handoff between machines, and the closer to the top of the message a "Received" line is, the later in the sequence it falls . As each new host receives the message, it will add its own routing information to the top of this stack(i.e., the first line should show the message arriving at Rimus's mail server, while the last line should show it departing Dimm's workplace). So, "Received" lines list every point the email has passed through on its journey along with the date and the time of passing. It's like having each post office that handles a letter print its identity, date, and time on the envelope.
Note: Normally, full headers list is not visible to receivers of the message. Read our tips section for more information on How To Show Mail Headers.
Here's a line-by-line analysis of these headers and exactly what each one means.
Return-Path: <dimm@mailstart.com>
This field is supposed to contain the sender's address, bounced mail gets sent to this address. It's trustworthy because it is explicitly collected by the mail agent that first picked up the mail for sending, and represents the address given to the outgoing mail host during authentication.
Received: from mail.mailstart.com (mail.mailstart.com [111.111.111.111])
The message was received from the machine mail.mailstart.com, really named mail.mailstart.com with IP 111.111.111.111.
by mailhost.mailfinish.com (8.12.10/8.12.10)
mailhost.mailfinish.com was the server that received this mail from mail.mailstart.com. The local SMTP software (in this case) is Sendmail (8.12.10/8.12.10). (There are a lot of variation of mail programs. So, you shouldn't be confused if you see anything like (fetchmail-5.1.2), (CommuniGate Pro SMTP 4.1.8), (Postfix) and so on).
with ESMTP id i0IDFFjs052778
The internal message ID number that the receiving host has assigned to this transaction. System administrators can often look up the information on this message in their system's logs using this identifier. It's useless to anyone except the administrator.
for <rimus@mailfinish.com>;
The message is addressed to rimus@mailfinish.com.
Sun, 20 Jan 2004 16:15:50 -0400 (EDT)
This mail transfer happened on Sunday , January 20, 2004, at 16:15:50, time is given with a (local) offset.
Received: from matrix.mailstart.com (matrix.mailstart.com [111.111.111.112] verified) by mail.mailstart.com (8.8.5) id 247842041; Sun, 20 Jan 2004 16:15:15 -0400
This line documents the mail handoff from Dimm's workstation matrix.mailstart.com to mail.mailstart.com. The real IP of the sender's machine is [111.111.111.112] and the real name is matrix.mailstart.com. The mail server mail.mailstart.com reciving server this handoff happened at 14:36:17 Pacific Standard Time. The mail server runs sendmail version 8.8.5 and called itself mail.mailstart.com. The assigned to this letter ID number is 004A21. The time and date are also shown.
From: dimm@mailstart.com (Dimm Jones)
The mail was sent by dimm@mailstart.com who introduces himself as Dimm Jones.
To: rimus@mailfinish.com
The letter is addressed to rimus@mailfinish.com.
Date: Sun, 20 Jan 2004 16:15:13 EDT
The message was composed on Sunday, January 20, 2004, at 16:15:13 Moscow time, at 14:36:14.
Message-Id: <200401181315.i0IDFFjs052778@mail.mailstart.com>
This is a globally unique identifier added by the originating MTA. This identifies the message at the point at which it entered the mail handoff process. Again, the administrator of this host can use this ID to look up details about the message in the host's logs but this ID number differs from those ID in Received fields because it marks the message during is all lifetime.
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
The Dimm's mailer is called Microsoft Outlook Express 6.00.2600.0000
Subject: Mail Test.
This is the subject of this mail.
Other Header Lines
X-headers
X-headers are user defined headers. They can be inserted by email client programs or applications that use email.
Here are examples of some X-headers inserted into an email.
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
|
The Body
Speaking about the body is very easy after dealing with garbled and incomprehensible headers. The body is separated from the headers by a single blank line.
Hi...
This is a mail test...
|
In order to analyze an HTML message body properly, you'll have to view its "markup" or source code. If the message has already been downloaded to your computer, you can do this by bringing the message up for view and then right-clicking on it (or, if you have a Mac, control-clicking) and selecting a "view source" or similar command from the popup menu. If this doesn't seem to work, search your program's menus for a view-source command or consult your program's online help or documentation. Once you have this source code in front of you, you can save it to a disk file for later use if you need to.
The attachment.
An attachment is a separate file added to and sent along with the original email message. The files to be attached are usually located on the user's hard drive or on a disk inserted in the disk drive. Typically, they are word-processed documents, spreadsheets, pictures, audio, video or program files. These types of files must be sent as attachments because a regular email message only allows the transmission of simple text characters.
Encoding and decoding standards
There exite various encoding and decoding standards for attachments such as MIME, Uuencode and BinHex. Email programs allow users to select the type of standard to be used for sending attachments.
MIME - (Multipurpose Internet Mail Extension)
MIME is the encoding standard that allows people to exchange multimedia email attachments such as audio, video, graphics and application programs over the Internet.
The unique characteristic of MIME is the presence of a MIME header in an email message. MIME headers include the version of MIME used, the type of file attached and the encoding method used. It helps the recipient to figure out the appropriate application that will open and handle the attached file.
Uuencode
Also called Uuencode/Uudecode, it is a popular encoding and decoding standard between users in a network. The term stands for "Unix-to-Unix encoding" as it was created for use in Unix systems. Uuencode converts an email attachment from binary into 7-bit ASCII characters. It is available for use in all operating systems. Most email applications also offer it as an encoding alternative.
BinHex
Short for "binary to hexadecimal", it is another encoding standard usually used for Macintosh files. It encodes an attachment from its 8-bit representation into 7-bit ASCII text characters. Text encoding ensures that the transmission will be received by older systems since older email utilities sometimes can't handle binary transmission. Unlike Uuencode, BinHex handles resource forks in Macintosh files. BinHex files end with ".hqx".
To be able to decode attachments both the sender and the receiver's email programs should support the same standard used for encoding. Unfortunately, not all email programs support all encoding standards. It is therefore necessary to state within the body of the email message the encoding standard used for a certain attachment.
Let's imagine that along with our test message we want to send an attachment - file.zip. Here is an example of how MIME headers may appear in the email. (I shortened the actual binary data of file.zip. Otherwise, it would be bigger than the whole article.)
Return-Path: <dimm@mailstart.com>
Received: from mail.mailstart.com (mail.mailstart.com [111.111.111.111]) by
mailhost.mailfinish.com (8.12.10/8.12.10) with ESMTP id i0IDFFjs052778 for
<rimus@mailfinish.com>; Sun, 20 Jan 2004 16:15:50 -0400 (EDT)
Received: from matrix.mailstart.com (matrix.mailstart.com [111.111.111.112]
verified) by mail.mailstart.com (8.8.5) id 247842041; Sun, 20 Jan 2004
16:15:15 -0400
From: dimm@mailstart.com (Dimm Jones)
To: rimus@mailfinish.com
Date: Sun, 20 Jan 2004 16:15:13 EDT
Message-Id: <200401181315.i0IDFFjs052778@mail.mailstart.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="=_7c1a880e7c472913544c4794b2649ed9"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Subject: Mail Test.
This is a multi-part message in MIME format.
--_----------=_7c1a880e7c472913544c4794b2649ed9
Content-Transfer-Encoding: binary
Content-Type: text/plain
Hi...
This is a mail test...
--_----------=_7c1a880e7c472913544c4794b2649ed9
Content-Transfer-Encoding: base64
Content-Type: application/zip; name="file.zip"
YRTTRtrYTAAAghgdAAAREUEsDBAEAUmicKJwUAANsdsdsAaG93bW/bRgz+
7AerEEwmR8k+DreronS5qwEeERTEesOIueeSeFtV+wxNYcjH77SN5JAPsN
--_----------=_7c1a880e7c472913544c4794b2649ed9
|
The MIME-Version is indicated - so far only version 1.0 has been used.
boundary="=_7c1a880e7c472913544c4794b2649ed9"
This is a 'boundary' string that is inserted in each encoded document to separate the attachments.
Content-Type: multipart/mixed;
Content-Type: text/plain;
Content-Type: application/zip; name="file.zip";
If you are not using the 7-bit US-ASCII characters set, these fields are used to specify the other types of data, such as binary, image, audio, video, or character sets for languages other than standard English. In our example (multipart/mixed) 'multipart' indicates there will be several documents and 'mixed' indicates each may be of a different type.
The Content-Type header also specifies both the type and subtype of the data in the message. So, the third line (application/zip; name="file.zip") means that the message body contains a zip file but it also has additional information called a parameter. Here, the parameter is a name and it shows the file name.
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: binary
Content-Transfer-Encoding: base64
Encoding scheme needs to be specified in the email message so that email programs will know how to un-encode the data when it arrives. That's why we need to mark how we have encoded our data, as binary or 8-bit characters (this happens because the commonly used email transfer protocols, such as SMTP, assume 7-bit US-ASCII as the basis for text messages). Although there are several standard ways to do it, the most reliable way is to use base64.
Summary
- An email message consists of a header followed by a body with zero or more attachments.
- Each header is transmitted as a single line of text.
- The header contains the information you need in order to track down the origin of the message.
- The full header is seldom displayed by your mail program; you must take some steps to display it.
- The "Received" lines of the header form a chain describing the path that the message took from the sender to your inbox. The "Recieved" field is structured like thas:
Received:
from [sending-host's-name] [sending-host's-address]
by [receiving-host's-name][software-used]
with [message-ID] for [recipient's-address];
[date][time][time-zone-offset]
- Some headers are mandatory (Date, From, To...). Some are optional (Subject, Cc, Reply-To, Received, Message-Id...).
- Headers starting with 'X-' are for personal application or institution use.
- The Body is the actual content of the email message.
- The body is separated from the headers by a single blank line.
- The recipient may not be able to open the attachment because the recipient's email program does not support the appropriate decoder.
- The sender and the receiver may not use the same email program.
|
Question of the Day
|
|
|
