There are other e-mail headers besides the ones that were discussed in earlier articles. Here is information about some of them.
X Marks the Spot
The number of different possible mail headers is open-ended, since anybody can create more of them when needed or wanted.
If you write a program or script to send mail, you can insert whatever header fields you want; and even if you don't, some
mail programs have advanced-user configurations letting you insert custom headers. The standards provide that if you wish
to use headers other than those defined in the standards, you should give them names starting with
Fantastic Headers and Where to Find Them
There are a number of headers, both ones defined in a standard and ones that aren't, which are in fairly widespread use, and sometimes you can find useful or interesting information about a message in them. Here are some of them.
This field indicates when the message was sent (if the sender's computer is set to the right time, anyway). The format is like this:
Date: Sat, 12 Jul 2003 20:07:37 -0400 (EDT)
Earlier formats featuring two-digit years were deprecated long before the whole "Y2K" hysteria.
Often, spam messages will have bogus, malformatted date fields, which may show up in some mail programs as indicating that the message was sent in the distant future. This is one thing which might sometimes be usable as a filtering criterion, since legitimate messages rarely have such formatting problems.
When you're trying to track where a spam or virus message really came from, this is a useful header. All the other
addresses in the headers may be forged; even some of the
Received: from mx01.nic.name (mx01.nic.name [126.96.36.199]) by smeagol.dreamhost.com (Postfix) with SMTP id 7A07023A05 for <MAIL@DAN.TOBIAS.NAME>; Tue, 1 Jul 2003 16:59:19 -0700 (PDT) Received: (qmail 4466 invoked by uid 1004); Tue, 1 Jul 2003 23:59:19 -0000 Delivered-To: email@example.com Received: (qmail 4461 invoked by alias); Tue, 1 Jul 2003 23:59:18 -0000 Received: from unknown (HELO lists.kettenhemdhuehner.de) (188.8.131.52) by mx01.nic.name with SMTP; Tue, 1 Jul 2003 23:59:18 -0000 Received: (qmail 22708 invoked by uid 10300); 1 Jul 2003 23:59:17 -0000
As you can see, the exact format can vary, but sometimes there's one or more server hostnames and IP addresses indicating the sending
and receiving servers in one of the steps the message took, an indication of what software the server is running,
and the date and time it happened. The times may be in different time zones (see the -0700, meaning 7 hours
before Greenwich time, and -0000 meaning Greenwich time) and aren't necessarily fully accurate (not everybody
keeps their computers' clocks perfectly in sync; sometimes the sequence of
Some mail programs use this header to indicate what program the message was sent from, and what version.
That way you'll know who to blame for any horrendously malformatted message you get. You also sometimes
AOL's mail program perversely uses an
X-Mailer: 8.0 for Windows sub 910
It kind of reminds me of how the United Kingdom is the only country not to put a country name on postage stamps, because they were the first to invent them and didn't need to give a country while they were the only one issuing them, and then it became a tradition. However, AOL didn't invent e-mail (and it doesn't even do e-mail in a way that follows the standards very well; see my article), so I don't know what its excuse is.
Supposedly to indicate how important a message is, from 1 (highest) to 5 (lowest). Can easily be abused by spammers, who
naturally want all their junk to come in at highest priority. To confuse things even more, several proprietary variants
List-Unsubscribe (and friends)
A bunch of headers are sometimes used in mailing-list messages to provide indications of the address to use in order
to unsubscribe from the list, among other things. Some mail programs recognize these and provide an interface to perform
list-related actions based on these headers, which include
References and In-Reply-To
Used to allow more sophisticated threading than merely matching by subject line, these headers contain the
message IDs of related messages, such as the one to which this is a reply, and others in the same thread.
The value of this header, contained within angle brackets, should match the value of the
Used more often for newsgroups than e-mail, this header indicates that the sender does not wish the message to be publicly archived, for instance in searchable newsgroup archives like Google Groups. It's typically added by those with a heavy desire for privacy, though if a message is posted to a public newsgroup or mailing list it shouldn't really be considered "private" in the first place. It's understandable that some would be concerned that, at some time in the indefinite future, a potential employer, date, spouse, etc. will type your name into a search engine and turn up all the smartass and dumbass things you ever said online, but when you use this header you're creating a nuisance for legitimate readers, too; I sometimes read newsgroups in Google myself, and hate it when I can only read one side of a dialogue because the other side set the no-archive flag.
Some programs let you add an "Organization" header to indicate what company, organization, or agency you're connected with.
There's no real consistency in how this is used; sometimes it may indicate that the writer is employed by the organization
in question and is writing from a work account, but other times it may be configured by default by an ISP to embed the
ISP's name even though the message writer is merely a customer of theirs. Sometimes people put in "joke" values
That's Not All, Folks!
There are many more headers that have been used, and more turn up all the time. I may add more to this page as I discover them.
Next: We now turn to the main message body; the next article discusses the uses and abuses of HTML-format e-mail.
This page was first created 01 Jul 2003, and was last modified 23 Apr 2006.