From

This field indicates the name and email address of the sender.

To

This field shows the receiver’s name and their email address. Fields like CC (carbon copy- allows you to send a copy of your email to multiple recipients.) and BCC (blind carbon copy- same as CC but the main recipient of the mail will be unaware of other recipients you’ve included. As a result, a BCC email is a little more confidential than CC.) also fall under this category as they all include details of your recipients.

Date/Created at

This shows the time when the email was sent.

Subject

It refers to the topic/shortest summary of the whole message body in the email.

Return-Path

This mail header field is also known as Reply-To. If you reply to an email, it will go to the address mentioned in the Return-Path field.

Domain Key and DKIM Signatures

The Domain Key and Domain Key Identified Mail (DKIM) are email signatures that help email service providers identify and authenticate your emails, similar to SPF signatures.

Message-ID

This field is a unique combination of letters and numbers that identifies each mail. It is always unique - No two emails will have the same Message ID.

References

This indicate that the message is a reply to a previous message. This field contains the Message-IDs of all the replies in the thread.

• The References header makes "threaded mail reading" and per-discussion archival possible.

• The References header will grow in size with each reply in a series of messages.

In-reply-to

It is identifier for the message you are replying to. Most mail readers use this information to group related messages together. Normally, this header is filled in automatically when you reply to a message

MIME-Version

Multipurpose Internet Mail Extensions (MIME) is an internet standard of encoding. It converts non-text content like images, videos, and other attachments into text so they can be attached to an email and sent through SMTP (Simple Mail Transfer Protocol).

Received

This field lists each mail server that an email went through before arriving in the recipient’s inbox. It’s listed in a reverse chronological order - where the mail server on the top is the last server the email message went through, and the bottom is where the email originated.

X-Spam Status

The X-Spam Status shows you the spam score of an email message(usually created by your service or mail client).

Firstly, it’ll highlight if a message is classified as spam. Then, the spam score of the email is shown, as well as the spam threshold for the email.

An email can either meet the spam threshold of an inbox or exceed it. If it’s too spammy and exceeds the threshold, it will automatically be classified as spam and sent to the spam folder.

Content-Type

field indicates whether the format of an email body was HTML, TXT, or any other option.

DKIM-Signature

Domain Keys Identified Mail (DKIM) is an authentication method used to confirm that the email was authorized by the owner of the domain. The email is signed with a digital signature, which can be verified by checking the sender’s public key in the DNS records of the sender’s domain

SPF

Sender Policy Framework is an authentication method used by senders to specify hosts that are allowed to send an email on behalf of the domain. MTA (mail transfer agent) checks the sender’s DNS records to confirm that the email received from a domain is sent by a host listed in the sender’s DNS records.

Authentication-results

This header contains the results (pass/fail) of any SPF, DKIM, and DMARC checks that were performed.

SPF authentication check result options:

• None: either no valid DNS domain name was found, or no SPF record was found on the domain;

• Neutral: It's not stated whether the client's IP address is allowed;

• Pass: the client's IP address is allowed;

• Fail: the client's IP address is not allowed;

• Softfail: The client IP address is probably not allowed;

• Temperror: The SPF module encountered a transient (network) error while performing the check;

• Permerror: The domain’s published records could not be correctly interpreted. This signals an error condition that definitely requires DNS operator intervention to be re

DKIM authentication check result options:

• None: The email message has not been signed with DKIM so there is nothing for the mailbox provider to verify.

• Pass: The email message has a DKIM signature and passed the mailbox provider’s verification check.

• Fail: The email message has a DKIM signature but there was an error causing a verification failure. This result could mean that the message was modified during delivery or there was a major configuration error in the DKIM record on the sender’s server such as an unknown key version or unknown key type.

• Policy: The email message was signed with DKIM but it was not acceptable to the mailbox provider. This could mean the DKIM key length is too short.

• Neutral: The email message may or may not have a DKIM signature. If there is a DKIM signature, there was likely a syntax error preventing the message from being verified. This can also mean there was an error with no additional information.

• Temperror: The email message has a DKIM signature but experienced an error that is likely temporary. However, continually receiving this error may mean there is a lookup error retrieving the public key.

• Permerror: The email message has a DKIM signature but the message cannot be verified due to a permanent error. Additional attempts of verification will not succeed. This may mean a required header field is missing.

DMARC authentication check result options

• Pass: The email message has passed SPF authentication and SPF alignment and/or DKIM authentication and DKIM alignment
• Fail: The email message has failed SPF authentication and SPF alignment and/or DKIM authentication and DKIM alignment