What all the stuff in email headers means…

An Ars Technica article asserts, “Parsing email headers needs care and knowledge—but it requires no special tools.” The author says that figuring out where an email message comes from can be especially important for “someone who has been impersonated—or whose child has been impersonated—via email.”

Even when you know how to “view headers” or “view source” in your email client, the spew of diagnostic wharrgarbl can be pretty overwhelming if you don’t know what you’re looking at. Today, we’re going to step through a real-world set of (anonymized) email headers and describe the process of figuring out what’s what.

Before we get started with the actual headers, though, we’re going to take a quick detour through an overview of what the overall path of an email message looks like….

The article's discussion of the components involved in sending and receiving email may be intimidating. But if you take the time to follow the step-by-step explanations, you will learn what goes on behind the scenes, how email can be compromised by hackers, and how email systems try to maintain security against hacking.

As always, your best defense against hacking via email is to be very careful. Never click on a link in an email message — or reply to a message — if you have the slightest suspicion that something is wrong. If the message appears to be from a friend or from your financial institution, call them to confirm before taking any other action. 

With that basic caveat in mind, read the article to see the guts of how email works.

What all the stuff in email headers means—and how to sniff out spoofing | Ars Technica, by Jim Salter