9.7. Examining Message Headers and Source
What you see when you read an email message in your inbox may be only a small portion of what the message actually contains. In order to make messages more readable and friendly looking, your email client usually hides some parts of the message and interprets others. For example, if the message contains HTML tags to display text in a special font or to include a graphic with a clickable link to a web page, your email client most likely shows you the styled content the sender intended rather than the cluttered, difficult-to-read underlying code.
Normally, what your email client shows you is exactly what you want. However, occasionally, you may be unable to tell if a message is legitimate or you may receive something so troubling that you feel obligated to report the sender to the authorities. In cases such as these, you need to be able to look behind the scenes to what's really inside your messages. You can do this by examining the message's headers, source, or both.
9.7.1. Message headers
Every email message includes two key parts: the content and the headers, lines of text that provide information such as who sent the message, to whom, on what date, and with what subject. Most email clients display just a few of these headers (typically From, To, Date, and Subject) while hiding the rest, which includes all sorts of technical details about the path the message took between sender and recipient and notifications that any of the intermediate ...
Get Mac® Security Bible now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
