Quick Gmail Tip: View Email Headers

Written by: Peter Jalbert on Wednesday, June 27th, 2007
Posted to: Gmail
One comment, add yours!

In the olden days, one limitation that I really hated with Windows’ built-in email client, Outlook Express, was that I couldn’t see the underlying code of a message. I guess this is one reason why Outlook Express users are easily duped into believing phishing messages, and easily respond with their passwords, click links, or open attachments. Being the stickler for security, I always made it a point to show email headers by default, even if it meant cluttering up my viewing window.

With Gmail, security measures are enforced. For instance, attachments are scanned before the “download” link is displayed. And images are not viewable by default. You have to click the “show images” link before they show up (to mitigate the possibility of viewing less-than-desirable images, or even JPEGs with malicious code embedded in the metafile).

Still, you may wish to view an email’s entire headers, which may give clues about the actual origin of the email. To do this, simply look for the “show original” link near your email headers.

Here:

or here:

When you click this link, another window is opened (or tab, depending on your browser preferences) containing the complete headers of the message. For instance, in a recent email I got from Google AdWords, here are the headers.

Delivered-To: xxxxxxxx@gmail.com
Received: by 10.82.149.7 with SMTP id w7cs228816bud;
Wed, 27 Jun 2007 12:27:42 -0700 (PDT)
Received: by 10.70.90.18 with SMTP id n18mr1462564wxb.1182972462445;
Wed, 27 Jun 2007 12:27:42 -0700 (PDT)
Return-Path:
Received: from proxy.google.com (proxy.google.com [64.233.171.4])
by mx.google.com with ESMTP id h39si13288423wxd.2007.06.27.12.27.42;
Wed, 27 Jun 2007 12:27:42 -0700 (PDT)
Received-SPF: pass (google.com: domain of adwords-noreply@google.com designates 64.233.171.4 as permitted sender)
Received: from BD230014
by proxy.google.com with ESMTP id l5RJRcNJ024899;
Wed, 27 Jun 2007 12:27:41 -0700
Message-ID:
Date: Wed, 27 Jun 2007 12:27:35 -0700 (PDT)
From: adwords-noreply@google.com
To: xxxxxxxx@gmail.com
Subject: AdWords prepayment
Cc: adwords-support@google.com
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Google-Ads-Special-Bin: AdWords Account Snapshot

I know sometimes it looks cryptic. But having been looking at email headers for a relatively long time now, I can more or less see whether an email has been spoofed (i.e., the originating server is different from the “send from” address), or even the sender’s ISP.

Don't miss another post! Subscribe by RSS feed or by email today!

Share this post!   One comment so far, add yours!

Related posts

One Response to “Quick Gmail Tip: View Email Headers”

  1. # Adamon 01 Jul 2007 at 3:22 pm

    many spam reporting sites rely on full headers, I only wish Google made them available as a static option….it’s just 1 extra step (2 clicks) to open the extra tab…

    I guess they are aiming for simplicity though…normal users don’t need the headers :)