What is an email header?

Email header

An email header is the hidden metadata attached to every email message, containing technical details about who sent it, who received it, and how it traveled across the internet to reach its destination. This information helps email servers route messages correctly and allows recipients to verify whether an email is legitimate.

Think of it like the postmarks and routing stamps on a physical letter. The envelope shows you the sender and recipient, but the stamps reveal every post office it passed through along the way.

Two types of email headers

The term "email header" actually refers to two different things, and the distinction matters.

Visible headers are what you see when you open an email: the From name, To address, Subject line, and Date. These appear at the top of every message and help you quickly identify what you're looking at.

Technical headers are the hidden metadata that email servers use to process and authenticate messages. This includes routing information, authentication results, and unique message identifiers. You won't see these unless you specifically look for them, but they're working behind the scenes on every email you send or receive.

For email deliverability purposes, the technical headers matter most. They determine whether your message lands in the inbox or gets flagged as suspicious.

What's inside an email header

Every email header contains specific fields that serve different purposes. Here are the ones you'll encounter most often:

• From: The sender's display name and email address
• To: The recipient's email address (plus CC and BCC addresses, if any)
• Subject: The email's title as it appears in the inbox
• Date: When the message was sent, including time zone
• Message-ID: A unique identifier assigned to that specific email
• Return-Path: Where bounce notifications get sent if delivery fails
• Received: A record of every server the email passed through

The Received fields are particularly useful for troubleshooting. Each server that handles your email adds its own entry, creating a trail you can follow from origin to destination.

Authentication headers explained

Modern email relies on three authentication protocols to verify sender identity and prevent spoofing. Their results appear in the Authentication-Results field of your email header.

SPF (Sender Policy Framework) checks whether the sending server is authorized to send email for that domain. Domain owners publish a list of approved IP addresses in their DNS records. If the sending server isn't on the list, SPF fails.

DKIM (DomainKeys Identified Mail) adds a cryptographic signature to your emails. The receiving server checks this signature against a public key in your DNS records. If the signature matches and the message hasn't been altered, DKIM passes.

DMARC (Domain-based Message Authentication, Reporting, and Conformance) ties SPF and DKIM together. It tells receiving servers what to do when authentication fails and provides reporting so you can monitor abuse of your domain.

When all three pass, your emails are far more likely to reach the inbox. When they fail, spam filters take notice.

How to view email headers

Accessing the full header varies by email client, but the process is straightforward.

1. Gmail: Open the email, click the three-dot menu, select "Show original"
2. Outlook (web): Click the three-dot menu, then View > View message source
3. Apple Mail: Go to View > Message > All Headers
4. Yahoo: Click the three-dot menu, select "View raw message"

Once you're looking at the raw header, read from bottom to top. The oldest entries appear at the bottom, with newer ones stacked above. This shows you the email's journey in chronological order.

Why headers matter for email marketing

For anyone running email campaigns, headers directly impact whether your messages get delivered.

Inbox providers scan header information to decide if your email is trustworthy. Proper authentication signals that you're a legitimate sender, and consistent routing patterns build your reputation over time. Misconfigurations or suspicious patterns trigger spam filters.

Headers also help you troubleshoot delivery problems. If emails aren't arriving, examining the header can reveal where things went wrong: maybe authentication failed, or maybe a server along the route flagged the message. The header tells the story.

Common header problems to avoid

A few mistakes cause most header-related deliverability issues:

• Mismatched domains: When your From address doesn't align with your authenticated sending domain, it raises red flags
• Missing authentication: Sending without SPF, DKIM, and DMARC configured leaves you vulnerable to spoofing and spam filtering
• Inconsistent Return-Path: If your bounce address doesn't match your sending domain, some filters get suspicious

Most email automation platforms handle header configuration automatically. But if you're using a custom sending domain, you'll need to set up authentication records yourself.

FAQs

Can email headers be faked?
Individual fields like the From address can be spoofed, which is why authentication protocols exist. SPF, DKIM, and DMARC help receiving servers verify that the claimed sender is legitimate.

Do I need to configure headers manually?
Not usually. Email platforms generate most header information automatically. Your main responsibility is setting up authentication records (SPF, DKIM, DMARC) in your domain's DNS settings.

How do headers affect my open rates?
Headers don't directly impact open rates, but they determine whether your email reaches the inbox at all. Poor authentication can send your messages straight to spam, where they'll never be opened.

What's the difference between a header and a preheader?
The header contains technical routing and authentication data. The preheader is the preview text that appears after your subject line in the inbox. They serve completely different purposes.

Ready to improve your email deliverability? Start your free ActiveCampaign trial and get authentication set up the right way.