How to read email headers (and understand them!)
Amy Elliott
As an email sender, you’re probably used to creating awesome newsletter designs, segmenting your audience, and hopefully cleaning your email list for maximum deliverability! Something you might have overlooked, however, is the email header. (Not to be confused with the preheader, visible at the top within a newsletter.)
Learning how to read email headers and understand their contents can help you to troubleshoot deliverability issues, ensuring your sending reputation remains intact and your campaigns perform like a dream.
In this article, you’ll learn what an email header is, the different elements they contain and how you can read them—plus, how to view email headers in popular mail clients.
So what are email headers?
The email header is an invisible piece of information sent along with your message. While it’s not visible in the body of the email, it can be viewed in the raw message source by both the sender and recipient, in most email clients.
Some of the information in the email internet header is parsed by the recipient’s email client and displayed alongside the email, such as the sender’s address, subject line and date.
Other information is used by the email client so that it can understand what type of content the email contains, whether or not it is spam, and whether the sender is really who it claims to be. This information can also be used by senders to troubleshoot deliverability issues.
While email headers are not immediately visible, with a few clicks in your email client you can view the contents of any email’s header (we’ll show you how further down). Here’s an example of an email header view in Gmail’s webmail app.
You can learn a lot from an email header!
With a quick glance at the email header example above, you can see that it contains a lot more than just the sender, receiver and email subject. While these elements are important, it’s also possible to retrieve information about any errors or security issues during sending.
Email headers are a great source of information when it comes to uncovering deliverability issues. Understanding what the contents of an email header mean allows you to determine whether or not your email reached its intended recipient without any errors or changes—and if not, what caused them.
This is made possible because the email header contains information about the ISPs and servers that the message has passed through on its way to the email receiver.
Learn more about email deliverability and why it’s important in our guide.
Test emails before you send with MailerCheck!
Our Email Insights tool will check your sending configuration and email content and notify you of any deliverability red flags.
Sign up for free today and get 200 free credits.
Standard parts of email headers
So we’ve talked about the types of information you can retrieve from the email header. Now let’s look at the actual elements it contains, starting with the standard parts all email headers have.
From: The name and email address of the sender
To: The name and/or email address of the receiver
Date: The date and time that the email is sent
Subject: The subject line of the email
No email can be sent without a sender, receiver, and of course, the time and date.
Next up are the elements that enable you to analyze the technical details of the email!
Additional parts of email headers
This is where things get interesting! These are the elements that enable us to retrieve information about the message’s journey and any errors that may have occurred.
| Return-Path: | This header identifies where emails that cannot be delivered should be sent for processing. Typically, an SMTP address for handling bounced messages is specified here. |
| Authentication-Results: | This is where the authentication results for SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting & Conformance) are recorded. If all is well, each one will receive a “pass” result message. |
| Received*: | Here are all the message’s recipients—this is sort of a log of IPs for everywhere the message was received en route to its final destination. This header is especially useful in case of any errors because you can check at which point your email was changed and where it came from. |
| Message-ID: | This refers to the unique ID generated when the email is first created. |
| MIME-Version: | MIME stands for Multipurpose Internet Mail Extensions, which is an internet standard that extends the format capabilities of email. The MIME-Version header indicates that the email is MIME-formatted. |
| Content-type: | Here we can learn how the content of the email is formatted, usually it’s HTML or plain text. |
| Precedence: | The Precedence header is an optional header used by senders to notify Google that their email is bulk. It prevents messages from being sent to spam, increases the chance of inbox placement and helps to keep deliverability high. |
*Note: Mail Transfer Agents (MTAs) facilitate the routing of an email message from the sender to the receiver. It is possible for a single email to pass through multiple MTAs. If this happens, there may be multiple Received headers representing the destinations the email was received at before it was passed on.
Check out our email authentication guide to learn more about SPF, DKIM and DMARC.
Bonus: SpamAssassin email headers
If you’ve read our guide to SpamAssassin scores, you’ll know that when a spam check is complete, headers pertaining to your score are added to your email. There are various SpamAssassin headers, but the main ones to look out for are X-Spam-Level and X-Spam-Status.
X-Spam-Level: The level header displays your spam level with asterisks, with one asterisk displayed per point, rounded down. For example, if your SpamAssassin score is 4.3, your score will be shown as **** (four). If you score less than 1, for example, 0.7, it will display nothing.
X-Spam-Status: The status header tells you whether your email is spam, with a simple YES or NO. This is followed by your SpamAssassin score as a numeric value, for example, 4.3. It will also display the default score required, as well as the tests that were run.
Note that SpamAssassin headers may not be visible depending on your email client. But not to worry! MailerCheck can take care of that for you:
In addition to email list verification, MailerCheck also includes Email Insights, the powerful feature that analyzes your email content and sending configuration before you hit send. It’ll also highlight issues that need fixing and fetch your SpamAssassin results so you don’t have to.
Want to make sure that your emails are spam-free?
How to view your email header
Now you know what to look for, you’re probably super curious to start checking your email headers! Luckily, most popular email clients make it easy to check the email header (although not all information may be visible).
Let’s get started!
How to view email headers in Gmail
1. Open the sent or received email that you would like to view the header for.
2. Click the More icon in the top right and select Show original.
How to view email headers in Yahoo! mail
1. Open the sent or received email you want to view the header for.
2. Click on the More icon and select View raw message.
How to view email headers in Microsoft Outlook
1. In the Inbox or Sent folder, right-click on the email you want to check the header for.
2. Go to View then click View message source.
How to view email headers Apple mail
1. Open the sent or received email you want to view the header for.
2. Go to View then Message and select All Headers to view the full email header in the app, or Raw Source to view the entire email in a new window.
Example analysis of an email header (Gmail)
When you view the email header in Gmail, it displays the email in a way that highlights important parts of the header. This allows you to easily view the Message ID, Date, From, To, Subject and Authentication (SPF and DKIM) headers.
In this quick overview, we can see the email was created on Wednesday, February 16th at 3:33PM by MailerCheck. It passed the SPF and DKIM checks, along with the IP address and domain. Let’s see what else the email header can tell us.
| X-Received: | Headers beginning with X are non-standard parameters created by MTAs, in this case, Google’s SMTP server. Here we can see the IP address and SMTP ID of the receiving email server, and the date and time that it was received. |
| ARC-Seal: | This header doesn’t contain readable information, but it’s useful to know what it is. Authenticated Received Chain, or ARC, is a specification by the DMARC group which helps to preserve email authentication results and verifies the intermediaries between the sender and receiver. We can see a cryptographic signature (like DKIM) of the message headers, which holds the ARC signature and authentication results. |
| ARC-Message-Signature: | Similarly, the ARC-Message-Signature contains a cryptographic signature of the message up to this point. |
| ARC-Authentication-Results: | This header double-checks whether previous authentication passed or not, and displays the content from the Authentication-Results header. In this instance, we can see that both DKIM and SPF have passed. |
| Return-Path: | If the email is undeliverable, this header tells us that it should be returned to [email protected]. |
| Received: | Here we can see information about the first SMTP server the email was received at. This includes the server’s IP address, the subscriber’s email address, encryption details, and the date and timestamp of when the email was received. |
| Received-SPF: |
Before the email is delivered to the subscriber, the sender’s identity must be verified. In this case, we can see that the sender’s identity has been authenticated, indicated by a result of “pass”. Other possible values here include: Fail: The SPF check failed as the source is invalid |
| Authentication-Results: | This is where can view the authentication results as well as the ID of the server which has performed the authentication. We can see the server is mx.google.com and both SPF and DKIM have passed authentication. |
| DKIM-Signature: |
DKIM contains an encrypted digital signature to verify the sender and the message. The receiving mail server decrypts this signature using the DKIM key published in your DNS records. A hash string is then generated based on the contents of the email and compared to the hash string in the contents of the signature, verifying its authenticity. You might notice there are various tags in the header in our example. Each one of these is needed for DKIM to pass error-free. v: The application version, always set to 1 |
| Reply-To: | This is the email address where email replies should be sent to. It can be customized to whatever the sender wants. |
| MIME-Version: | The presence of this header and the value 1.0 tells us that the email is MIME formatted and can support additional formats such as video and audio. |
| Precedence: | The Precedence header can be set by email senders to let Google know they intended to send their email as bulk so that it’s not confused with spam. In this case, we can indeed see the bulk value entered. |
Analyze your emails for better deliverability
Congrats! You can now analyze the technical aspects of an email header and identify potential deliverability problems. You’re well on your way to sending campaigns that get maximum results every time.
If you want to optimize your email analysis and make troubleshooting more efficient, the best way is with an email analysis tool, like MailerCheck. Not only does MailerCheck fetch details from your email header information to identify issues, but it also checks your email content for typos, broken links and spam-like content.
Ready to try MailerCheck?
Sign up for free today and get 200 credits to play with.
Do you have any questions about analyzing email headers? Let us know in the comments below!
