TOC

各种邮件头

邮件中常见的邮件头

Header Name Description
From 发件人
To 收件人
Subject 邮件主题
Date 邮件发送时间
Received 邮件接收记录
Message-ID 邮件 ID
CC 抄送人
BCC 密送人
Reply-To 邮件回复
In-Reply-To 邮件回复
References 邮件引用
MIME-Version MIME 版本
Content-Type 邮件类型
DKIM-Signature DKIM 签名
List-Unsubscribe 退订
List-Unsubscribe-Post 退订
Feedback-ID MP 反馈环

不那么常见:

Header Name Description
Sender 实际发件人(MailFrom 地址)
X-Priority 邮件优先级(1=最高,3=普通,5=最低)
X-Mailer
Received-SPF SPF 验证结果(pass/fail/neutral)
Authentication-Results 包含 SPF/DKIM/DMARC 综合验证结果
X-Transport-TLS 加密传输标识(如 TLSv1.3)
X-Spam-Score 垃圾邮件评分(如 3.2/5.0)
X-Spam-Status 垃圾邮件判定结果(Yes/No)
X-Report-Spam 垃圾邮件举报链接

子段中的类型

Content-Transfer-Encoding 类型

  • 7bit/8bit:ASCII 文本
  • quoted-printable:非 ASCII 字符转码
  • base64:二进制附件编码
Content-Type: text/plain;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-ID: text-body

Content-Type: text/html;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-ID: html-body

Content-Type: text/plain; charset="big5"
Content-Transfer-Encoding: base64

Content-Type: text/html; charset="big5"
Content-Transfer-Encoding: quoted-printable

厂商邮件头

Header Name Description
Precedence 邮件类型标记(bulk=批量邮件,list=邮件列表)
Delivered-To 实际递送地址(可能不同于 To 字段)
X-Google-Smtp-Source Gmail 内部路由标识符
X-Received
ARC-Seal
ARC-Message-Signature
ARC-Authentication-Results
Return-Path
Received-SPF
Authentication-Results
Delivered-To: xxx@gmail.com
Received: by 2002:a05:c01b:0:0:0:0:0 with SMTP id a3mr22455704pbc.2;
    Fri, 17 Mar 2023 09:05:07 -0800 (PST)
X-Google-Smtp-Source: AGYAAAQZ0/+9gKwJgKYQyYKYQyYKYQyYKYQyYKYQyYKYQyYKYQyYY
X-Received: by 2002:a05:c01b:0:0:0:0:0 with SMTP id a3mr22455704pbc.2;
    Fri, 17 Mar 2023 09:05:07 -0800 (PST)
ARC-Seal:
ARC-Message-Signature:
ARC-Authentication-Results:
Return-Path: <xxxx@bounce.xxx.com>
Received: from xxx.com (xxx.com [xxx.xxx.xxx.xxx])
    by mx.google.com with ESMTP id 1si15401pbc.2.2023.03.17.09.05.07
Received-SPF: neutral (google.com: xxx.com does not designate permitted sender hosts)
Authentication-Results: mx.google.com;
    dkim=pass header.i=@xxx.com; ...
    dkim=pass header.i=@xxx.com; ...
    spf=pass (google.com: domain of xxx.com designates xxx.xxx.xxx.xxx as permitted sender)
    dmarc=pass (p=NONE sp=NONE disposition=none)
。。。

Header Name Description
X-SendCloud-UUID
X-SendCloud-LOG
X-SendCloud-NEW
X-Engagelab-UUID
X-Engagelab-LOG
X-Engagelab-NEW

邮件头分析工具

典型应用场景

  1. 追踪邮件路由:分析 Received 头链
  2. 验证发件人真实性:检查 DKIM-SignatureReceived-SPF
如果你有魔法,你可以看到一个评论框~