Dan's Mail Format Site | Headers | Other

Dan's Mail Format Site:

Headers: Other

[<== Previous] | [Up] | [Next ==>]

There are other e-mail headers besides the ones that were discussed in earlier articles. Here is information about some of them.

X Marks the Spot

The number of different possible mail headers is open-ended, since anybody can create more of them when needed or wanted. If you write a program or script to send mail, you can insert whatever header fields you want; and even if you don't, some mail programs have advanced-user configurations letting you insert custom headers. The standards provide that if you wish to use headers other than those defined in the standards, you should give them names starting with X-, to indicate a nonstandard header. Not all developers follow the standards properly, though, and custom headers not starting with X- sometimes turn up anyway.

Fantastic Headers and Where to Find Them

There are a number of headers, both ones defined in a standard and ones that aren't, which are in fairly widespread use, and sometimes you can find useful or interesting information about a message in them. Here are some of them.


This field indicates when the message was sent (if the sender's computer is set to the right time, anyway). The format is like this:

Date: Sat, 12 Jul 2003 20:07:37 -0400 (EDT)

Earlier formats featuring two-digit years were deprecated long before the whole "Y2K" hysteria.

Often, spam messages will have bogus, malformatted date fields, which may show up in some mail programs as indicating that the message was sent in the distant future. This is one thing which might sometimes be usable as a filtering criterion, since legitimate messages rarely have such formatting problems.


When you're trying to track where a spam or virus message really came from, this is a useful header. All the other addresses in the headers may be forged; even some of the Received headers may be forged; however, at some point, the message must leave the machines controlled by the spammer or virus and go out onto the open Internet, and from that point on its progress is tracked by the Received lines which are inserted by each server through which it passes. Since a message might pass through several servers before reaching its destination, there may be a whole bunch of Received headers, and they're normally arranged with the newest one on top and earlier ones beneath it. The format is like this:

Received: from mx01.nic.name (mx01.nic.name [])
	by smeagol.dreamhost.com (Postfix) with SMTP id 7A07023A05
	for <MAIL@DAN.TOBIAS.NAME>; Tue,  1 Jul 2003 16:59:19 -0700 (PDT)
Received: (qmail 4466 invoked by uid 1004); Tue, 1 Jul 2003 23:59:19 -0000
Delivered-To: dan@tobias.name
Received: (qmail 4461 invoked by alias); Tue, 1 Jul 2003 23:59:18 -0000
Received: from unknown (HELO lists.kettenhemdhuehner.de) (
  by mx01.nic.name with SMTP; Tue, 1 Jul 2003 23:59:18 -0000
Received: (qmail 22708 invoked by uid 10300); 1 Jul 2003 23:59:17 -0000

As you can see, the exact format can vary, but sometimes there's one or more server hostnames and IP addresses indicating the sending and receiving servers in one of the steps the message took, an indication of what software the server is running, and the date and time it happened. The times may be in different time zones (see the -0700, meaning 7 hours before Greenwich time, and -0000 meaning Greenwich time) and aren't necessarily fully accurate (not everybody keeps their computers' clocks perfectly in sync; sometimes the sequence of Received headers shows the message apparently being received before it was sent!). Somewhere in the middle of that sequence, one server inserted a Delivered-To header indicating the point where the appropriate server for the destination address was reached. Since dan@tobias.name is actually a forwarding alias, later headers show the message's progress from there to the actual destination.


Some mail programs use this header to indicate what program the message was sent from, and what version. That way you'll know who to blame for any horrendously malformatted message you get. You also sometimes see User-Agent or X-User-Agent for this purpose, especially for mail programs that are built into Web browsers, where the contents may be the same as the user agent string sent by the browser to Web servers.

AOL's mail program perversely uses an X-Mailer header that gives the version, but doesn't actually say what program it is; here's an example:

X-Mailer: 8.0 for Windows sub 910

It kind of reminds me of how the United Kingdom is the only country not to put a country name on postage stamps, because they were the first to invent them and didn't need to give a country while they were the only one issuing them, and then it became a tradition. However, AOL didn't invent e-mail (and it doesn't even do e-mail in a way that follows the standards very well; see my article), so I don't know what its excuse is.


Supposedly to indicate how important a message is, from 1 (highest) to 5 (lowest). Can easily be abused by spammers, who naturally want all their junk to come in at highest priority. To confuse things even more, several proprietary variants like X-MSMail-Priority exist, supported by particular software.

List-Unsubscribe (and friends)

A bunch of headers are sometimes used in mailing-list messages to provide indications of the address to use in order to unsubscribe from the list, among other things. Some mail programs recognize these and provide an interface to perform list-related actions based on these headers, which include List-Subscribe, List-Unsubscribe, List-Archive, List-Post, List-Help, and List-ID. Also, the Errors-to header is used to indicate the address that mailer errors should be sent to, so that they go to a list administrator instead of to the entire list or the sender of an individual list message.

References and In-Reply-To

Used to allow more sophisticated threading than merely matching by subject line, these headers contain the message IDs of related messages, such as the one to which this is a reply, and others in the same thread. The value of this header, contained within angle brackets, should match the value of the Message-ID header of the other messages being referred to. A mail program can use these headers to arrange messages by thread.


Used more often for newsgroups than e-mail, this header indicates that the sender does not wish the message to be publicly archived, for instance in searchable newsgroup archives like Google Groups. It's typically added by those with a heavy desire for privacy, though if a message is posted to a public newsgroup or mailing list it shouldn't really be considered "private" in the first place. It's understandable that some would be concerned that, at some time in the indefinite future, a potential employer, date, spouse, etc. will type your name into a search engine and turn up all the smartass and dumbass things you ever said online, but when you use this header you're creating a nuisance for legitimate readers, too; I sometimes read newsgroups in Google myself, and hate it when I can only read one side of a dialogue because the other side set the no-archive flag.


Some programs let you add an "Organization" header to indicate what company, organization, or agency you're connected with. There's no real consistency in how this is used; sometimes it may indicate that the writer is employed by the organization in question and is writing from a work account, but other times it may be configured by default by an ISP to embed the ISP's name even though the message writer is merely a customer of theirs. Sometimes people put in "joke" values like Organization: Disorganized. You should never assume that anybody is speaking on behalf of an organization, or that their views are those of the organization, just because the organization's name shows up in their headers, whether or not they actually include a disclaimer to that effect.

That's Not All, Folks!

There are many more headers that have been used, and more turn up all the time. I may add more to this page as I discover them.


Next: We now turn to the main message body; the next article discusses the uses and abuses of HTML-format e-mail.

[<== Previous] | [Up] | [Next ==>]


This page was first created 01 Jul 2003, and was last modified 23 Apr 2006.
Copyright © 2003-2011 by Daniel R. Tobias. All rights reserved.