邮件中常见的邮件头
Header Name |
Description |
From |
发件人 |
To |
收件人 |
Subject |
邮件主题 |
Date |
邮件发送时间 |
Received |
邮件接收记录 |
Message-ID |
邮件 ID |
CC |
抄送人 |
BCC |
密送人 |
Reply-To |
邮件回复 |
In-Reply-To |
邮件回复 |
References |
邮件引用 |
MIME-Version |
MIME 版本 |
Content-Type |
邮件类型 |
DKIM-Signature |
DKIM 签名 |
List-Unsubscribe |
退订 |
List-Unsubscribe-Post |
退订 |
Feedback-ID |
MP 反馈环 |
不那么常见:
Header Name |
Description |
Sender |
实际发件人(MailFrom 地址) |
X-Priority |
邮件优先级(1=最高,3=普通,5=最低) |
X-Mailer |
|
Received-SPF |
SPF 验证结果(pass/fail/neutral) |
Authentication-Results |
包含 SPF/DKIM/DMARC 综合验证结果 |
X-Transport-TLS |
加密传输标识(如 TLSv1.3) |
X-Spam-Score |
垃圾邮件评分(如 3.2/5.0) |
X-Spam-Status |
垃圾邮件判定结果(Yes/No) |
X-Report-Spam |
垃圾邮件举报链接 |
子段中的类型
Content-Transfer-Encoding 类型
- 7bit/8bit:ASCII 文本
- quoted-printable:非 ASCII 字符转码
- base64:二进制附件编码
Content-Type: text/plain;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-ID: text-body
Content-Type: text/html;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-ID: html-body
Content-Type: text/plain; charset="big5"
Content-Transfer-Encoding: base64
Content-Type: text/html; charset="big5"
Content-Transfer-Encoding: quoted-printable
厂商邮件头
Header Name |
Description |
Precedence |
邮件类型标记(bulk=批量邮件,list=邮件列表) |
Delivered-To |
实际递送地址(可能不同于 To 字段) |
X-Google-Smtp-Source |
Gmail 内部路由标识符 |
X-Received |
|
ARC-Seal |
|
ARC-Message-Signature |
|
ARC-Authentication-Results |
|
Return-Path |
|
Received-SPF |
|
Authentication-Results |
|
Delivered-To: xxx@gmail.com
Received: by 2002:a05:c01b:0:0:0:0:0 with SMTP id a3mr22455704pbc.2;
Fri, 17 Mar 2023 09:05:07 -0800 (PST)
X-Google-Smtp-Source: AGYAAAQZ0/+9gKwJgKYQyYKYQyYKYQyYKYQyYKYQyYKYQyYKYQyYY
X-Received: by 2002:a05:c01b:0:0:0:0:0 with SMTP id a3mr22455704pbc.2;
Fri, 17 Mar 2023 09:05:07 -0800 (PST)
ARC-Seal:
ARC-Message-Signature:
ARC-Authentication-Results:
Return-Path: <xxxx@bounce.xxx.com>
Received: from xxx.com (xxx.com [xxx.xxx.xxx.xxx])
by mx.google.com with ESMTP id 1si15401pbc.2.2023.03.17.09.05.07
Received-SPF: neutral (google.com: xxx.com does not designate permitted sender hosts)
Authentication-Results: mx.google.com;
dkim=pass header.i=@xxx.com; ...
dkim=pass header.i=@xxx.com; ...
spf=pass (google.com: domain of xxx.com designates xxx.xxx.xxx.xxx as permitted sender)
dmarc=pass (p=NONE sp=NONE disposition=none)
。。。
Header Name |
Description |
X-SendCloud-UUID |
|
X-SendCloud-LOG |
|
X-SendCloud-NEW |
|
X-Engagelab-UUID |
|
X-Engagelab-LOG |
|
X-Engagelab-NEW |
|
邮件头分析工具
典型应用场景
- 追踪邮件路由:分析
Received
头链
- 验证发件人真实性:检查
DKIM-Signature
和 Received-SPF