Email SecurityAlso called: "email metadata", "message headers"
Email headers reveal the true origin and path of a message, crucial for investigating phishing and spam.
Key headers
- From/Reply-To: Sender addresses (can be spoofed).
- Received: Each mail server that handled the message.
- Return-Path: Where bounces should go.
- Authentication-Results: SPF, DKIM, DMARC verification outcomes.
- X-Originating-IP: Sender's IP address (if available).
Phishing detection
- Check Received headers for suspicious origins.
- Verify SPF/DKIM/DMARC authentication passed.
- Compare From address with Return-Path for mismatches.
- Look for forged Received headers (inspect timestamps).
Explore More Email Security
View all termsDKIM (DomainKeys Identified Mail)
Email authentication method that uses cryptographic signatures to verify that email content has not been tampered with in transit.
Read more →DMARC (Domain-based Message Authentication, Reporting, and Conformance)
Email validation system that builds on SPF and DKIM to prevent email spoofing and provide reporting on email authentication failures.
Read more →SPF (Sender Policy Framework)
Email authentication method that specifies which mail servers are authorized to send email on behalf of your domain.
Read more →