Custom headers in Email lost?

Question

I have some questions about custom mail headers

Does anybody know of any mailserver which deletes proprietary/custom headers when being transmitted to its destination?

Is there a header you can set in order to force a mail client to return a certain header when sending a reply to a message that has exactly this header?

Does a custom header always begin with X- ? Is it safe to use others?

Is it generally discouraged to use custom headers? How else could I transmit information that doesn't belong to the body and shouldn't directly be seen by the user?

PS: I know there's a similar question but this doesn't fully response to this question.

Thanks and regards

score 6 · Accepted Answer · edited Oct 07 '21 at 07:34

6

Mail servers can be programmed to insert or remove any header along the way
822 promised that the IETF would never define field names beginning with X-. It did not prohibit use of non-X names by other organizations.
Please try not to use custom headers that do not begin with X-

Update: Deprecating the "X-" Prefix and Similar Constructs in Application Protocols

edited Oct 07 '21 at 07:34

Community

1

answered Mar 04 '11 at 19:53

adamo

6,925
3
30
58

1

Also duplicate headers can be added. This is relatively common if email passes through the same anti-spam software on multiple servers, or if the original messages had forged anti-spam headers. By convention custom headers always begin X- ad this prevents name collisions with standard headers. – BillThor Mar 04 '11 at 21:12
The most common example of duplicate (even triplicate or more) headers, is the Received: header. – adamo Mar 04 '11 at 21:16
@adamo That is also an example of how the order of headers can matter. – kasperd Jan 08 '17 at 11:05

score 3 · Answer 2 · answered Mar 04 '11 at 19:48

I've never seen anyone use anything other than X to proceed a custom header. I can't say with absolute certainty that other letters won't work but I certainly wouldn't count on it.

Microsoft Exchange 2010 includes a feature called a header firewall that strips X-headers from untrusted sources (the internet) and this sort of thing exists in some SMTP security gateways too. Many admins will strip almost all non-critical headers off a message as it leaves to obscure any internal information.

X- headers are very commonly used by SMTP security software. Usually they add a few headers that explain the message's rating by the antispam/antivirus engines that scanned it. But, these things are done most of the time as a message is received inbound to a mail system. I haven't seen them used much on messages that you send out to the internet.

I get the sense that you're hoping to push the use of SMTP headers beyond where they were ever intended to go.

In terms of Internet mail, the Thread-Index: header that is used by Exchange and Outlook for mail threading is a custom header that does not begin with X- — adamo, Mar 04 '11 at 21:17

Custom headers in Email lost?

2 Answers2