What is Email Header?

I receive some spam email, some email have sender in email header but some are not, or came from my email, I want to know a bit more about Email Header to analyze emails better.

An email has two parts – the body (the part that displays the message) and the header. Many people think of the email header as the place where you can see the subject line, the recipient, and the sender.
They are not wrong – but the above information is just the surface. In fact, email headers contain much more information related to email transmission, all this information is collectively known as metadata. So, to put it simply, the email header is the part that contains the metadata of the email.
Metadata contains a lot of information, including: “from” and “to”, the content type, the browser used to write the email, the date it was sent, and more.

What is email metadata? Let's find out
If you want to know more details about the email you receive or send, viewing the metadata is the easiest way. But keep in mind, metadata can still be tampered with.
That's right, almost every line (especially the "from" line of seeing where the message came from) can be spoofed – except Received. Therefore, to check the authenticity of emails, people will look at many different metrics.
Received is the stream your computer generates, so it's correct. The mail header can have multiple Received lines – these lines show you the servers your email travels to until it reaches its final destination.
Here is a list of all the information that the header metadata contains:

From – this is a line that can be faked easily. It contains information about where the message was sent.
To – where to receive the email (but not necessarily the recipient's email address).
Subject – see as the subject or subject that the sender puts on their email.
Date – the date and time the email was written.
Return-Path – also known as Reply-To. When you click the Reply button, you will reply to the email address specified here.
Envelope-To – shows email sent to the address on this line.
Delivery Date – this is the time when the email client receives the email.
Received – this line shows the servers the email went through to reach the recipient's mailbox. To read it over time, you have to read from the bottom (where the email was originally sent) to the top (the final destination of the email, or in this case, your computer).
DKIM signature and Domain Key signature – DKIM stands for Domain Key Identified Mail. Along with the digital signature of the mailing domain, both are part of the email signature recognition system.
Message-ID – it combines unique letters and numbers created when the email was first written (can also be forged).
Mime-version – MIME is the internet standard, to extend the format and functionality of email. You can attach videos, images, and other files with MIME.
Content-type – tells you whether the email is written in plain text or HTML.
X-Spam status – tells you the score of the email. If it exceeds the threshold, the email will be considered spam
X-Spam level – its level depends on the score of the email's x-spam status. For each score achieved, the x-spam level will show an asterisk.
Message body – this is the main body of the email – the actual message you send.

Hope that helps!

In a basic email account, there is an option whether to see the full header or not. It is an option where you can click once you open the message in the inbox. But if you can't see that button, there is always a customer service department that can answer your questions regarding their system.

A header is very important because it contains the IP or internet protocol address. This is a combination of numbers unique to every device connected to the internet. The number is provided by ISPs and they are included the email header. Aside from its uniqueness, it can also be used as a tracing tool since the IP address can be translated to an actual location.

There are many ways to trace down email sender. For those who are already familiar in finding the header on their inbox, then they can use that information to locate the sender quickly. More often than not, online companies will provide step-by-step instructions on how to access this information.

There is a simpler method to locate electronic mail sender - use websites dedicated in extracting the data you need. All you need to do is to copy and paste the message header and the website will extract the IP address. The IP (Internet Protocol) address can be used to determine the sender's location. An IP address is considered as the physical address of the message source. A single lookup in websites that can determine the physical address equivalent of the IP address will reveal the message source.

Hello,

An email header is the part of email that shows information about the mail sender, receiver and header also includes valuable information for efficient mail delivery.