skip to content

IT Help and Support

University Information Services
 

The information in an email's header is invaluable when trying to investigate phishing and malware scams, so it is important that you include all this information when you report suspicious emails to the UIS Service Desk.

What is an email header?

Email headers contain meta information about the message that is not part of the actual message content. As well as the To, From and Subject, it includes lots of information about how the message was routed, such as time stamps and mail transfer agents.

Here's an example of header information, much of which isn't automatically displayed by your email client:

Ordinary header information:

Date: Mon, 19 Feb 2009 05:09:35 +0200
From: Amazon Inc. <support@amazon.com>
To: undisclosed-recipients: ;
Subject: [Notification] - Security Measure

Full header information:

Return-Path: <support@amazon1.com>
Received: from ppsw-3-intramail.csi.cam.ac.uk ([192.168.128.133])
by cyrus-22.csi.private.cam.ac.uk (Cyrus v2.1.16-HERMES)
with LMTP; Mon, 19 Feb 2009 09:09:38 +0000
X-Sieve: CMU Sieve 2.2
X-Cam-SpamScore: ssssssssssssss
X-Cam-SpamDetails: scanned, SpamAssassin-3.1.7 (score=14.288,
DNS_FROM_RFC_POST 1.44, FORGED_MUA_OUTLOOK 3.36,
FORGED_OUTLOOK_HTML 2.51, FRONTPAGE 0.81, HTML_IMAGE_ONLY_20 0.64,
HTML_MESSAGE 0.00, HTML_SHORT_LINK_IMG_3 0.52, MIME_HTML_ONLY 0.00,
RAZOR2_CF_RANGE_51_100 0.50, RAZOR2_CF_RANGE_E4_51_100 1.50,
RAZOR2_CF_RANGE_E8_51_100 1.50, RAZOR2_CHECK 0.50,
UNDISC_RECIPS 0.88, X_PRIORITY_HIGH 0.12)
X-Cam-AntiVirus: Not scanned
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from 10.30.3.213.fix.bluewin.ch ([213.3.30.10]:22949
helo=mailserver.druckereimaier.ch)
by ppsw-3.csi.cam.ac.uk (mx.cam.ac.uk [131.111.8.143]:25)
with esmtp (csa=unknown) id 1HJ4WY-0007mP-Aa (Exim 4.63) for
cert@cam.ac.uk
(return-path <support@amazon.com>); Mon, 19 Feb 2009 09:09:35 +0000
Received: from localhost (localhost [127.0.0.1])
by mailserver.druckereimaier.ch (Postfix) with ESMTP id B71FD152CBC;
Mon, 19 Feb 2009 06:29:17 +0100 (CET)
Received: from mailserver.druckereimaier.ch ([127.0.0.1])
by localhost (mailserver.druckereimaier.ch [127.0.0.1]) (amavisd-new,
port 10024)
with ESMTP id 09114-05; Mon, 19 Feb 2009 06:29:17 +0100 (CET)
Received: from User (unknown [89.33.91.51])
by mailserver.druckereimaier.ch (Postfix) with ESMTP id 4950114E2E7;
Mon, 19 Feb 2009 04:09:32 +0100 (CET)
Reply-To: <support@amazon1.com>
From: "Amazon Inc." <support@amazon.com>
Subject: [Notification] - Security Measure
Date: Mon, 19 Feb 2009 05:09:35 +0200
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2800.1081
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081
Message-Id: <20090219030932.4950114E2E7@mailserver.druckereimaier.ch>
To: undisclosed-recipients: ;
X-Virus-Scanned: by amavisd-new at druckereimaier.ch

 

Displaying full headers in your email client

For email clients not listed below, see Spamcop for instructions.

UIS Service Desk

UIS Service Status

Phone padded  Service status line: (01223 7)67999
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >

Latest news

University Wireless Service maintenance: Tuesday 21 September, 08:00–09:00

16 September 2021

The University Wireless Service will be undergoing essential maintenance between 08:00 and 09.00 on Tuesday 21 September while we apply a security software patch. This is a security update to ClearPass, which provides Wireless Service network access control. We're not expecting any disruption to service, but it should be...

Mailing list migrations from Mailman to Sympa

31 August 2021

We intend to migrate all remaining lists associated with colleges from Mailman to Sympa during the week commencing 13 September 2020. The current total is 1,567. How this will affect users of the mailing list management service Most mailing list subscribers shouldn't notice any difference. During the switchover, there will...

Managed Zone Service closedown and migration to Mythic Beasts

24 August 2021

The Managed Zone Service (MZS) is being shut down, and its data content migrated to a commercial provider, Mythic Beasts. There will be no interruption to the service, but MZS users in institutions will need to make arrangements to retain management access to their zones. What is changing? UIS set up the MZS many years ago...