About email full headers

In email messages, headers contain the addresses of all the computer systems that have relayed a message between you and the message's sender. Each computer that forwards the message along its route adds a line of information to the headers. Usually you do not see these full headers, as they can be fairly long and thus are not displayed along with the common "From:", "To:", "Subject:", and "Date:" headers. The information provided in the full headers allows you to determine where a message actually came from, and how it got to your computer. This is sometimes necessary because the address you see on the "From:" line can be spoofed, or faked.

If an Indiana University email account is involved with a questionable email message, whether as sender or recipient, the University Information Security Office (UISO) investigates. UISO staff need the message's recipient to send the full headers in order to track down exactly where the message came from, and the internet path it traveled. Only the original recipient of the message can provide full headers; they aren't available in forwarded copies of the original message.

While UISO staff can identify a sender's email service provider in this way, it may not be possible to positively identify the individual sender.

For instructions on displaying and sending full headers, see Display and send the full headers of an email message.

For help, contact your campus Support Center.

This is document akij in the Knowledge Base.
Last modified on 2021-09-03 12:17:44.