This article takes you through the steps to check E-Mail headers in Outlook. If you don't feel like reading the article, feel free to check out our video on YouTube at http://www.youtube.com/watch?v=wR4I3Tc8fyA&feature=youtube_gdata. The article and the video both assume you are using Microsoft Outlook 2010.
- Open the E-Mail message in Outlook by double clicking it.
- Click the File tab at the top then click Properties.
- The headers will be displayed in the text box labeled Internet Headers. Feel free to copy these into your favorite text editor. We highly recommend Notepad++ for Windows.
Here are the key things to remember when reading E-Mail Headers:
- Always read the message from bottom to top. The last system to touch it will be displayed at the top.
- The bottom of the message will normally show the details of the message such as the person it was sent to, the ACTUAL address that sent it, and the message ID. Outlook does not show the base64 encoding of a message by default.
- Some anti spam systems will add additional information to the bottom including its spam score and if it contained viruses or unsafe attachments.
- If you continue reading up you will see "Received: from (server name) [IP-address] by server-name..." - The Received From is the sender server and the Received by is the receiving server in that specific hop. It is normal to see many of these since there are usually multiple relay and anti spam servers in between the actual E-Mail servers.
- Each line showing Received From and Received by will usually show a ESMTP id as well. This ID can usually be used to track the message on the specific system assigning the ID. If you are tracking the message, the mail admin may ask for this ID.
- Some senders will also attach DKIM signatures to the message. These are used with DNS (and sometimes SPF records) to not only guarantee the sender is the real sender, but to encrypt the message if the recipient server is configured to do so.
As you read E-Mail headers, keep these things in mind and you shouldn't have any trouble reading through them. By looking at headers, you can quickly determine the real senders, what path the message took, and easily identify problems when people are having trouble sending mail.