Loading...

Knowledge Base
 Up to 70% off  on  WordPress  hosting for WordPress Websites and Stores!

What's the Difference Between Full & Partial Headers?

Learning about email headers helps you spot fake emails, fix email problems, and keep your inbox clean and safe. By understanding the difference between full and partial headers, you can better manage your emails and protect your information.

We'll guide you through all of these with this article. This knowledge is key for anyone who wants to use email wisely and avoid online threats.



What is an Email Header?

The header is a detailed section of information code that contains comprehensive information about where the email came from and how it reached its destination. Email headers will contain the originator's email address and the computer the sender was using. Email headers are located in each and every email around the world, any tool you use to send/receive email online browser, outlook email, webmail, email mobile apps, etc.

How do I find the header of an email? Many different tools are used to send and receive email; you can learn more about how to get email headers in a separate article.

 

Why is the Email Header Important?

Listed below are several reasons why it is important to review the headers:

  • It allows one to investigate possible Spoofing and determine the source of a specific message.
  • It enables the analysis of timestamps of the delivery route and identifies the source of any delay.
  • It opens a point to test any of the mail servers in the path to check if they are on a blacklist.
  • It helps review the SpamAssassin score.
  • It determines whether the message was routed through a spam filtering server prior to arrival.

At first, you may think that reviewing email header information is too technical, but internet investigations are NOT rocket science. Like most detective work, once you know what has happened and to whom, all that's left to find out what happened by reviewing the email header's contents.


The Basic Fields of an Email Header

Here are some popular email header definitions to better understand email features.

  • Return-Path: If the message is rejected, it will be sent back to the email address listed here, which is also the sender of the message.
  • X-Original-To: The email address listed here is the original recipient of the email that was received.
  • Delivered-To: The email user, that is listed to the left of the ‘@’ symbol, is the user ID of the recipient email address with its specific host. The server listed (to the right of the ‘@’ symbol) is your Bluehost mail server that received this particular message.
  • Received:< A ‘Received by’ and ‘Received from’ details listed on the headers. When checking your headers, the ‘Received by’ is indicating that it was received by the IP or server name when the message was originally sent. The ‘Received from’ would be the server that sent or relayed the email at any specific point in the header.
  • DKIM-Signature: \This shows the DKIM signature, if the email has one. All emails sent from Bluehost-hosted mail accounts are signed with DKIM. You can read more about DKIM in our blog.
  • MIME-Version: 1.0: This is just showing the MIME version at 1.0, which has no relevance in troubleshooting mail delivery.
  • X-Received: This shows the message being received by the first server - An ID is applied to it so the message can be tracked.

Email Header Example

What does an email header look like? Below is an example of an email header structure and what a usual Internet Email Header looks like. In the header section, you are looking for the IP address, also referred to as the "Originating IP." This can be traced to the Internet service provider (ISP), together with the date and time of the offending email, using the sender's computer's IP address.

Return-path: 
Envelope-to: [email protected]
Delivery-date: Mon, 02 Apr 2021 16:07:12 -0600
Received: from [46.165.209.232] (port=47642 helo=delivery.antispamcloud.com)
	by [% provinfo.box_prefix %]309.Bluehost.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.82)
	(envelope-from )
	id 1WVSMM-0003oR-Ny
	for [email protected]; Mon, 02 Apr 2021 16:07:11 -0700
Received: from mail-ig0-f206.google.com ([209.86.213.196])
    by mx7.antispamcloud.com with esmtps (TLSv1:RC5-SHA:340) 
    (Exim 4.82) 
    (envelope-from ) 
    id 2XWTNK-00050k-4X 
    for [email protected]; Mon, 02 Apr 2021 24:07:20 +0300 
Received: by mail-ig0-f206.google.com with SMTP id vr21tp323342jhc.3 
    for ; Mon, 02 Apr 2021 15:07:03 -0700 (PDT) 
DKIM-Signature: v=1; a=rsa-sha367; c=relaxed/relaxed; 
    d=gmail.com; s=30231224; 
    h=mime-version:date:message-id:subject:from:to:content-type;   
    bluehostbhovkRL3Im017b5m7rMRTWVa1olgzE1U+yr8FXykLSM=;
    b=I9n1lRLh2EbEic44CPWv6doKf6m9+z1G9tVmowbugj99p5jn5ImorW2oBqZ1BRbOFD
    3CnQkj7koUZfajma0Q0bbjJFB27CHfIMKvFLzOeWjeLP2bu3Z5X/d+lmCdFMSG8FQBoO
    c2Pz5n0d85zQyxkzy4lvL4D5kVevuJ5n+s7y6nCZTpYw1iwtQciGgr8XO77wGJq0S2FY
    WZC7jqB5c3CmpT8EytMEJwsH3UQAD7hxYq3FZHL7Ici89x8vDG/ZNQOla9TsfSrmC9qO
    mMLFWCZs1A1Hfe2gwOxBpRXgAqxf1/hlFfAf0CIIRTcD/03kSaWB7L/lPy++CTvkzpbB
    Ro4A== 
MIME-Version: 1.0 
X-Received: by 10.42.107.67 with SMTP id c3mr2836464icp.28.1396472762166; Mon, 
 02 Apr 2021 15:07:03 -0800 (PDT) 
Received: by 10.50.216.193 with HTTP; Mon, 2 Apr 2021 15:07:03 -0800 (PDT) 
Date: Wed, 2 Apr 2021 16:07:03 -0700 
Message-ID: 
Subject: I can haz headers 
From: Bluehost Tutorials 
To: [email protected] 
Content-Type: multipart/alternative; boundary=31dg413186f5fe82e715g726b7de 
Received-SPF: pass (mx7.antispamcloud.com: domain of gmail.com designates 209.86.213.196 as 
permitted sender) client-ip=209.86.213.196; [email protected]; 
helo=mail-ig0-f206.google.com; 
X-SPF-Result: mx7.antispamcloud.com: domain of gmail.com designates 209.86.213.196 as permitted sender 
X-Filter-ID: XuMfPq7GTMn8G68F0EmQveOvoFo7+05sIaV+aQGjobYi0oqq2x9BytcIxrAv/iEuaWmNOd4i6wDz ASsx7ILyCwmrHcqsgpX7d4SIG6yP47bDMFhiO2el8cbE11y5VERdERWeKKG4PAQYNyavp7c49D8S 6JHQ4xOsiG8cGcHZ9Ju2qts0ILWtXFFZmkE2vL2cG/45LuYWJsWNKzGaBanZ/pq+Kj8XsfH6M2iD r0Pl7cS3GfMaw8TKFNoyhNvdnkCU2LIKoGx11NpkQoCtZTihVFvHjmVhGT2LR+SRHRnJSjexOaEE 7DhwsYoQmALxTDsg5YE5enyccp7RH4WQio3uGcdGxQ6d5hivGO7oPpIAOraJdlCnvQ+khpxZdnh4 Rg+eq6FYx9JcxaWalNnLitersKkGD1ysZpHhKaUh/8HiGlCtDNmfynlhdU0FFMdsJzH+bncTWq+l t3yLUdZkS4XDsBY2SedAejSFbwPNuc/9+9bnfBK9XMz156Rrx4gJt1rfVwqJrV8TZUiWxNy0V3Qu MGYFvf25LVONYbYifH6OzZDcKP8EIfERgwZdrj+yX3bZ9HVqUY3tkBcsuKQ2aA7N/8zfynEUbuPk n06aOthuUeF= 
Authentication-Results: antispamcloud.com; spf=pass [email protected] 
Authentication-Results: antispamcloud.com; dkim=pass header.i=gmail.com 
X-Spampanel-Class: unsure 
X-Spampanel-Evidence: Combined (0.15) 
X-Recommended-Action: accept 
X-Identified-User: {0000:[% provinfo.box_prefix %]309.bluehost:local:local} {sentby:Delivered locally}

Which IP Addresses Should I Trace?

The originating IP address, which in this example is 209.85.210.277, is either called exactly as such and/or is the one near the bottom of the stack- close to the message's actual body.

It's essential to know that this source IP address (209.85.210.277) will not resolve when queried on the internet because it is within a block of IP addresses that are considered "reserved" private IP addresses. These are the kinds used behind corporate firewalls and/or proxy servers. These accesses the external world through a NAT service (Network Address Translation), In order to pinpoint where this IP address is located. Thus, you will have to reach out and contact the network administrator responsible for the IP address 64.18.2.187, which in this case, is the legitimate internet IP address. It is the path that this private IP address passes through on its way to the internet.

The RFC 1918 - Address Allocation for Private Internet describes IP addressing guidelines for private networks, which IANA (stands for Internet Assigned Numbers Authority) has reserved for private networks. There are three sets of reserved private numbers - For each IP network (Class A, B & C), there's one, respectively. These are:

  • 10.0.0.0 to 10.255.255.255
  • 172.16.0.0 to 172.31.255.255
  • 192.168.00 to 192.168.255.255

The Difference Between Full Email Headers and Partial Email Headers

Here is an explanation of the differences between a partial email header and a full email header.

Partial Email Headers:

The partial headers are what you usually look at in your emails. These are the most important to your daily tasks. It contains the headers such as the From Address, To Address, Subject, Date and Time, Reply-To Address, CC, and BCC.

Full Email Headers:

The full headers are more technical information than you check when you want to know the comprehensive details of an email. Occasionally, we will need those complete headers to solve a problem.

To know more about displaying email headers, please visit this articledisplaying email headers.


Summary

You can view your email header information inside your email inbox to review where an email comes from and how it reached its destination. The process involves understanding a header, how to find your email header, and how to read and understand the basic fields of an email header.

Take a look at these fantastic email resources, including a guide with tips to improve your email techniques in our blog:

How to Start Email Marketing: Step-by-Step Guide and Business Fundamentals: How To Create a Professional Looking Email

 

If you need further assistance, feel free to contact us via Chat or Phone:

  • Chat Support - While on our website, you should see a CHAT bubble in the bottom right-hand corner of the page. Click anywhere on the bubble to begin a chat session.
  • Phone Support -
    • US: 888-401-4678
    • International: +1 801-765-9400

You may also refer to our Knowledge Base articles to help answer common questions and guide you through various setup, configuration, and troubleshooting steps.

Did you find this article helpful?

 
* Your feedback is too short

Loading...