A simple email client does not add too many headers to the email it is sending. Typically only the following headers appear in the message to be sent: “From:”,”To:”, “Subject:”,”MIME-Version:”, “Date:”,”Content-Type:”,”Content-Transfer-Encoding:”. But when you receive the email, you’ll find many extra headers have been added to the received email. The extra headers are added by postfix or other mail servers in the process of delivering the email. What headers does postfix add to an incoming email? I know there are configuration parameters such as header_checks, smtp_header_check, or milter_header_checkers that can be used to add custom headers to incoming or outgoing emails. But I’m interesting in the headers postfix adds without using these parameters.
By sending and receiving a test email to internal email address, I find the following headers are added by postfix in processing the incoming email: “Message-ID:”,”Received: “,”DKIM-Signature: “(if you use opendkim with postfix), “Return-Path:”. The “Received:” header postfix added to the message is a little complex: it contains the host name provided by the client in the EHLO command, and the client ip address. It also contains the information postfix generated such as the receiving time. The “Return-Path:” is the envelope “MAIL FROM:” sent by the client.
After postfix receives the incoming email, it delivers to cyrus-imap using the lmtp client. cyrus-imap lmtpd process also adds some headers to the email: “Received:”,”X-Sieve:”.
To check what headers are added by postfix for outgoing emails, I sent a test email to external email address. The result is the same:Postfix adds “Message-ID:”,”Received: “,”DKIM-Signature: “, “Return-Path:” to the outgoing email. But when the email reaches the external SMTP server, the external SMTP server adds more headers like “Received:”,”Delivery-date:”, “Envelope-to:” so I guess that external mail server is not a postfix server.
If you send emails to large email service providers such as outlook.com or gmail.com, their email servers will add numerous headers to your message. For example, outlook.com servers will add the following headers to the email it receives:
- X-Microsoft-Antispam-Message-Info:
- X-Message-Delivery:
- X-Message-Info:
- X-Microsoft-Antispam-Mailbox-Delivery:
- X-Microsoft-Exchange-Diagnostics:
- X-MS-Exchange-Processed-By-BccFoldering:
- X-MS-Exchange-Transport-EndToEndLatency:
- X-MS-Exchange-Transport-CrossTenantHeadersStamped:
- X-MS-Exchange-CrossTenant-FromEntityHeader:
- X-MS-Exchange-CrossTenant-Id:
- X-MS-Exchange-CrossTenant-Network-Message-Id:
- X-MS-Exchange-CrossTenant-OriginalArrivalTime:
- X-OriginatorOrg:
- X-Microsoft-Exchange-Diagnostics:
- SpamDiagnosticMetadata:
- SpamDiagnosticOutput:
- X-MS-Exchange-Organization-SCL:
- X-Exchange-Antispam-Report-CFA-Test:
- X-Exchange-Antispam-Report-Test:
- X-MS-Exchange-Organization-PCL:
- X-SID-Result:
- X-SID-PRA:
- X-Sender-IP:
- X-MS-Exchange-EOPDirect:
- X-MS-TrafficTypeDiagnostic:
- X-Microsoft-Exchange-Diagnostics:
- X-Microsoft-Antispam:
- X-MS-Office365-Filtering-Correlation-Id:
- X-MS-PublicTrafficType:
- X-MS-Exchange-Organization-AuthAs:
- X-MS-Exchange-Organization-AuthSource:
- X-Forefront-Antispam-Report:
- X-MS-Exchange-Organization-MessageDirectionality:
- X-EOPTenantAttributedMessage:
- X-EOPAttributedMessage:
- X-MS-Exchange-Organization-Network-Message-Id:
- Message-ID:
- X-IncomingTopHeaderMarker:
- Received:
- Received-SPF:
- Authentication-Results:
The headers even go into the multipart of your email body. You can see many headers are spam related with the only intention of throwing your email into their junk box:) There is little information talking about these mysterious headers. I only find a few articles on decoding/interpreting/explaining these headers. In this article, you can get to know how outlook uses SCL(Spam Confidence Level score) and BCL(Bulk Complaint Level) in these headers to filter messages.
