Every email has an email header. The header of the email contains information recipients are used to seeing with each email (the date it was sent, who it is from, and the subject) as well as a large amount of additional information that email clients hide from the user by default. The hidden information (typically accessible by looking for a “view full header” or equivalent button or link in your email client) includes the routing information for the email such as the address of each mail server it passed through and the times at which the email was passed forward.
In most cases, there is little reason for the recipient to open up and review the full email header. However, in cases where the recipient suspects the email is fraudulent in nature or malicious in origin, it can be useful to examine the headers to look for discrepancies, evidence of email address spoofing, or other signs that the email is not from the purported sender. For further reading see: HTG Explains: What Can You Find in an Email Header?
- By Jason Fitzpatrick on 11/23/13