Skip Navigation | George Mason University > Information Technology Unit > Security
Information Technology Security George Mason University
Security Review Panel ITU Support Center
Advisories News Rules and Regulations Security Practices Sysadmin Resources Tools and Products

How to interpret Email headers.

Full headers can provide information about who sent a message, from what service provider, and the path the message took to get to you. It is important to include the full headers with any e-mail message forwarded to the StopIT address (abuse@gmu.edu). 

Click default display or full headers for examples of each.


Example of default display of headers



Subject: Topic of Message is inserted here
Date: Wed, 02 Jul 2003 14:06:06 -0400
From: Someuser@domain.name
Reply-To: recipient@domain.name <recipient@domain.name>
To: recipient@domain.name


Example of Full Headers

(note section in red is likely where message originated):

Return-path: <service@paypal.com>
Received: from mail01.gmu.edu (mail01 [129.174.0.111])
by mserver2.gmu.edu (iPlanet Messaging Server 5.2 Patch 1 (built Aug 19 2002))
with ESMTP id <0HGJ0029SSKOPB@mserver2.gmu.edu> for username@ims-ms-daemon
(ORCPT username@mail.gmu.edu); Sun, 15 Jun 2003 20:12:24 -0400 (EDT)
Received: from portal.gmu.edu (portalmemo.gmu.edu [129.174.0.118])
by mail01.gmu.edu (iPlanet Messaging Server 5.2 Patch 1 (built Aug 19 2002))
with ESMTP id <0HGJ00279SKNWP@mail01.gmu.edu> for username@mail.gmu.edu
(ORCPT username@mail.gmu.edu); Sun, 15 Jun 2003 20:12:23 -0400 (EDT)
Received: from mx-c.gmu.edu (mx-c.gmu.edu [129.174.0.121])
by portal.gmu.edu (8.8.8/8.8.8) with SMTP id UAA06931 for <username@gmu.edu>;
Sun, 15 Jun 2003 20:12:23 -0400 (EDT)
Received: from ool-44c283ec.dyn.optonline.net(68.194.131.236)
by mx-c.gmu.edu via csmap         id 4939; Sun, 15 Jun 2003 20:09:53 -0400 (EDT)
Date: Sun, 15 Jun 2003 23:18:54 +0000
From: Service <service@paypal.com>
Subject: Paypal Security Measures
In-reply-to: <HI5C7EACB3EDLG22@gmu.edu>
To: Username <username@gmu.edu>
Message-id: <2501IJ266AGJKAHE@paypal.com>
MIME-version: 1.0
Content-type: text/html; charset=Windows-1251
Content-transfer-encoding: 7BIT
References: <HI5C7EACB3EDLG22@gmu.edu>
Contact: Curtis McNay, Director IT Security | Updated August 28, 2007