Mail headers. They're just crap which tell you who an email's from, and who it's too, yeah? Bzzzt! next contestant.

Mail headers can tell you all sorts of fun and interesting things about where an email's been, whether that alleged multi-national is running over dialup, and what state of mind the sender's in.

Let's start with an example. These are the full headers from a recent post of mine to thelist:


Envelope-to: martin@easyweb.co.uk
Delivery-date: Sun, 15 Aug 1999 18:18:32 +0000
Date: Sun, 15 Aug 1999 19:09:17 +0100
From: Martin Burns <martin@easyweb.co.uk>
To: "evolt" <thelist@evolt.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <E11G4ig-00049e-0B@finch-post-11.mail.demon.net>
Subject: [thelist] site in a week - now live!
Reply-To: thelist@lists.evolt.org
Sender: thelist-admin@lists.evolt.org
Errors-To: thelist-admin@lists.evolt.org
Precedence: bulk

*Phew*. Let's break this down a bit, starting with the easy stuff.

X-headers

X-headers are great, because they're completely free to do what the hell

you like with. You can make up any header type you like, and as long as it

starts with X-, it's completely up to you.

So in the above, we have a number of X-headers:


	X-MajorGumbo-version: 1.0

The mailing list software evolt.org uses is called MajorGumbo,

so this is an identification note.

X-BeenThere: thelist@lists.evolt.org

An identification to say that it's come from thelist, set up by Dan to be added by MajorGumbo.

X-UIDL: 6bce08484a7ed8a1b357f6959a0df30d

A unique id reference to the message for the benefit of MajorGumbo.

x-mailer: Claris Emailer 2.0v3, January 22, 1998

My email client identifying itself (or getting itself a free advert, depending on how you look at it).

x-sender: pop4139@pop.easyweb.co.uk

Added by my email client, as the account I used collects its mail there, so Claris

Emailer assumes that this is who I am.

Most of this fairly sane, but you can get some very odd stuff indeed

happening in X-headers. Take this for example, which Dan put in the headers for a while:

X-evolt: We put the rrr in werd baby! Yeah baby, yeah!!!

I don't know what he was on at the time, but I want some.

Instructions

This is where my mail client and MajorGumbo give out the orders about

who the email is from, and where it's going. Mailing lists are slightly

odd in that they deliver one message to many people, so they have to

overwrite the original delivery instructions of 'Deliver this to thelist' as

'Deliver this to recipient n'

From: Martin Burns <martin@easyweb.co.uk>

Fairly straightforward - the info I put into Claris Emailer for this account.

To: "evolt" <thelist@evolt.org>

This one is a bit more problematic. If it's going to thelist,

how did it get out to me? The answer's here:

Envelope-to: martin@easyweb.co.uk

There's another header which says where it's actually going, and this takes precedence.

Mime-Version: 1.0
	Content-Type: text/plain; charset="US-ASCII"

These define how attachments are defined, and what character set to use.

If this were set differently, I could use extended character sets within the

email - useful if you're talking about concepts in another language. £ signs

would be nice...

Message-Id: <E11G4ig-00049e-0B@finch-post-11.mail.demon.net>

An ident which uniquely identifies the email in a global setting.

Subject: [thelist] site in a week - now live!

Fairly obvious I would have thought.

Reply-To: thelist@lists.evolt.org

This is the bit which ensures that when you hit 'Reply', your email

goes back to the list, not to me individually. I'm subscribed to one

list where this isn't set correctly, and it's a pain to remember each time.

Sender: thelist-admin@lists.evolt.org
	Errors-To: thelist-admin@lists.evolt.org
	Return-path: <thelist-admin@lists.evolt.org>

Three headers which ensure that any problems - such as bounces from

a dead account - get notified back to Dan, and not to thelist.

Routing information

This is when you find out where your email has been on its holidays.

Email doesn't necessarily go from point to point - that's not how the

net is set up. If an email goes from machine A to machine Z, it will

first go to machine B, and ask it "Do you know the way to

~~San Jose~~ erm I mean machine Z?"

Machine B will reply "I can get it part of the way, and pass it

on to machine C who knows the next section of the route."

This is so that if machine L is down, email can be routed around it.

Of course, if machine A happens to know where machine Z is, and

can get to it directly, then it will just talk directly to machine Z.

Every time your email goes through an MTA (Mail Transfer Agent such as

machine B above), the MTA timestamps it at the start of the headers. So routing

information must be read backwards. Here are those routing headers from above,

but reversed for convenience:

Received: from easyweb.demon.co.uk ([212.228.136.1])	
	by finch-post-11.mail.demon.net with smtp (Exim 2.12 #1)	
	id 11G4ig-00049e-0B	for thelist@evolt.org; Sun, 15 Aug 1999 18:09:23 +0000

The mail has gone from my outgoing postbox to Demon's outgoing mailqueue, marked for delivery to

thelist. This tells you that my outgoing mail and connectivity are

through Demon

Internet. It also suggests that I've got a subdomain mapped to my dialup

(Demon give you a fixed IP, rather than making you endure the hell of DHCP, which is nice).

Received: from finch-post-11.mail.demon.net (finch-post-11.mail.demon.net 
	[194.217.242.39])	by melon.executive.tm (8.8.7/8.8.7) with ESMTP id OAA07875	
	for <thelist@evolt.org>; Sun, 15 Aug 1999 14:09:25 -0400

Demon's MTA knows that evolt.org is looked after by Vince at executive.tm, so passes

it on there, still marked for thelist.

Received: from melon.executive.tm (IDENT:root@ns.executive.tm [207.168.73.2])	
	by csilx1.csi1st.net (8.9.3/8.9.3) with ESMTP id OAA19636	
	for <thelist@lists.evolt.org>; Sun, 15 Aug 1999 14:16:00 -0400

... but what Demon doesn't know is that thelist doesn't actually run from the same place

as the website. Happily, Vince has his MTA set up to pass it on appropriately.

Received: from csilx1.csi1st.net (IDENT:mail@csilx1.csi1st.net [209.48.124.2])	
	by csilx1.csi1st.net (8.9.3/8.9.3) with ESMTP id OAA19663;	Sun, 15 Aug 1999 14:16:02 -0400

Now we're actually at the home of thelist, MajorGumbo can process it and bounce it

back out again. Notice that we've lost the note that we're going to thelist,

because we've been there and done that (see the X-header above).

Received: from csilx1.csi1st.net [209.48.124.2] (root)	by smarties 
	with esmtp (Exim 1.62 #3)	id 11G4rX-0005Yg-00; Sun, 15 Aug 1999 18:18:31 +0000

And it arrives safely at my incoming mailbox - received by smarties which

is running mail software called Exim. Smarties is run by

target="_foo">Instant Web who host my domain and maintain popboxen for me.

Had I set this address to forward the mail elsewhere, then there would be another

set of routing headers.

So there you are - mailheaders in a nutshell. We'll be going on to explain how you can

exploit X-headers in a future article about sending emails from CGIs.