BareMetal.com

Baremetal
My Account
Domain Registration Management Services
Web Services
Tech Support
Tech Support Contact Info
CGI Library
Your Server
Billing Info
Company Info
Charities
Legal Info
Employment
Privacy Statement

BM


Technical Support

Tech Support: E-mail - Reading the Headers;

E-mail: Reading the Headers

Welcome to Email 101, where we take a look at the headers of an E-mail message and see what we can learn. We are going to focus on the Received headers as that can reveal why a message was delayed, and may provide information about the source of SPAM.

Most email clients default to only showing a few headers: Subject, From, Date, To. Your first homework task is to figure out how to get your email program to show you the full headers which will include a lot more information. This might be "view -> options -> internet headers" in Outlook, and "File -> Properties -> Details" in Outlook express. In our webmail system, from the message page, hit the "view full header" link. You should end up with something like the following:

Return-Path: <zzroea@example.com>
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on
    copper.baremetal.com
X-Spam-Status: No, score=6.5 required=8.0 tests=BAYES_60,HTML_10_20,
    HTML_MESSAGE,MIME_HTML_ONLY,RCVD_IN_BL_SPAMCOP_NET,SARE_GIF_ATTACH,
    TVD_FW_GRAPHIC_NAME_LONG autolearn=no version=3.1.7
X-Spam-Level: ******
Received: from customer201-216-240.116.iplannetworks.net
    (customer201-216-240.116.iplannetworks.net [201.216.240.116] (may be
    forged))
    by five.baremetal.com (8.13.4/8.13.4) with SMTP id l0MNuQGJ004585
    for <webmaster@example.net>; Mon, 22 Jan 2007 15:56:28 -0800
Received: from [168.37.233.101] (helo=ywvu)
    by customer201-216-240.116.iplannetworks.net with smtp (Exim 4.62
    (FreeBSD))
    id 1H994q-0005mJ-Pd; Mon, 22 Jan 2007 20:59:52 -0300
Message-ID: <45B54EF3.4030208@example.com>
Date: Mon, 22 Jan 2007 20:55:31 -0300
From: Roman Linda <zzroea@example.com>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: webmaster@example.net
Subject: If are using JSP technology without JavaServer Faces technology,
    youcan also encapsulate Ajax functionality using custom tags.
Content-Type: multipart/related;
 boundary="------------020807050708060809000206"
This isn't the best of examples as it only has two Received headers (marked in red). You can see that the two timestamps are in different timezones and this makes interpretation more difficult. In this case "15:56:28 -0800" and "20:59:52 -0300" are about 3.5 minutes apart which is probably just differences in the clocks on the two different computers.

The green text has been inserted by our spam-filtering system. This message was a "false negative", in that it was spam which was not classified as spam. (It probably was a pill-spam graphic advert.)

I've marked the Message-ID line in blue, as the message ID is supposed to be a unique identifier for this message and it is what we need to find if we're going to chase down a spam score or follow a message through our mailsystems.

-Tom



 
Home Page    Domain Registration Services    Web Services    Technical Support
About Baremetal    Privacy Statement    Billing Info    Charities
My Account    Legal Info    Search BareMetal

Copyright © 1996-2012, BareMetal.com Inc.
Last updated: Thursday, 28-May-2015 16:14:40 PDT
Last Accessed from: msnbot-40-77-167-78.search.msn.com
Questions and comments to support@baremetal.com