3

I'm no novice on networking technology, but one thing I don't really know much about in detail is email and headers. How does email work SPECIFICALLY?

I'm getting spam in my hotmail inbox when I've made painful attempts to not give out my actual email. I use my own domain name to forward email to my inbox using several aliases. Yet now I'm getting spam with no address in the to: line, or also "undisclosed recipients". Looking at the headers is of no help whatsoever.

So from a technical standpoint, I have to wonder... if I send an email to a certain address in my personal domain and it gets forwarded to my hotmail account, how does hotmail know what inbox to dump the message in if that address is not listed in the headers?

Mirrana

2 Answers

13

This is a fairly common source of confusion. There are two places in a standard email transmission where the to: address is specified - once in the "envelope" and once in the visible email headers.

The envelope recipient address is specified during the SMTP transaction, and you will never see the value that is set there. It is solely used by the SMTP server to route the message.

The to: header in the email itself is optional, which is what you're seeing in your hotmail account.

Here's the flow of a standard SMTP transaction:

```
erik@host:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 localhost ESMTP Postfix (Ubuntu)
helo example.com
250 localhost
mail from: erik@example.com
250 2.1.0 Ok
rcpt to: jimbob@example.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
To: foobar@example.com
Subject: This is the subject

This is the message body.
.
250 2.0.0 Ok: queued as 19CE221FDA
```

The address specified after rcpt to: is the envelope recipient address. The address specified in the to: line after data is what shows up in your email client. These two values do not have to match, and as mentioned earlier, the to: in the data portion is optional.

EEAA
  • 2
    Just to elaborate on ErikA's answer, the SMTP command to specify the envelope recipient is `RCPT TO:` – James Park-Watt Nov 06 '12 at 15:43
  • Why isn't this considered in spam filters? I'd assume most email is sent from person A to Person B with the same To: field – TheLQ Nov 06 '12 at 15:49
  • 1
    @TheLQ - that would be an invalid assumption. Additionally, spam filters have **zero** visibility to the envelope recipient, so it would be impossible to filter on. – EEAA Nov 06 '12 at 15:50
  • 3
    @TheLQ that would break all the distribution lists, mailing lists, and other BCC functionality that use the envelope/to distinction in order to avoid either mailing everyone their own personal copy of the email or sending an email with everyone's address visible in To or CC – DerfK Nov 06 '12 at 15:54
  • @ErikA Interesting. Is there any way to set up my own email server to receive and store my own personal emails, and guarantee that I can see all this information? – Mirrana Nov 06 '12 at 16:29
  • @agent154 - well this is becoming off-topic due to the fact that this is a personal project (as opposed to something you're doing professionally), but yes, any SMTP server logs will show both the envelope sender and recipient. – EEAA Nov 06 '12 at 16:37
  • 1
    Some mail delivery agents (Exim is one) allow an Envelope-To header to be added to the message. This header should never be seen on a message in transit. I use this header in my `.procmailrc` to route email. – BillThor Nov 07 '12 at 00:50
5

To add to ErikA's answer: think of a regular letter you send by post. You write the letter on some kind of stationery with a letterhead, containing sender and recipient addresses, a subject line and other information. A classical example is shown here: http://en.wikipedia.org/wiki/File:Einstein_Szilard_p1.jpg. This corresponds to the email headers your mail client displays.

Then you put that written letter into an envelope. The information in the letter is not visible to anyone, because the letter is stuffed into the envelope. You have to write the sender and recipient addresses on the envelope itself for the post office to be able to deliver the letter. This corresponds to SMTP envelope headers.

If the information on the envelope is not correct the post office cannot and will not deliver the letter. SMTP behaves just the same.

If, however, the actual letter itself does not contain a proper letterhead there are no real consequences. Sure, the recipient will not be pleased and your letter will be considered bad form, but this does not affect the post's ability to deliver the letter. The post only looks at the envelope, not the actual letter itself. Email delivery via SMTP works the same way. It even uses similar terminology.

Because of this you can find email in your inbox that does not have proper email headers, such as To:, From: or Subject:. What matters for delivery are the SMTP envelope headers. Nothing else.

daff
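Where the delivering server records it, the envelope recipient discussed in the answers above can often be recovered from the trace headers of the stored message. The following is an added example, not code from any of the posters: the sample message, its addresses and the function names are constructed, and it assumes the server adds `Envelope-To` (Exim, as in the comment above), `X-Original-To`/`Delivered-To` (Postfix) or a `for` clause in `Received`.

```python
import email
import re
from email.utils import getaddresses

# Headers some delivery agents add to record the envelope recipient:
# Envelope-To (Exim, as mentioned in the thread), X-Original-To and
# Delivered-To (Postfix). Servers that add none of these leave no hint.
ENVELOPE_HEADERS = ("Envelope-To", "X-Original-To", "Delivered-To")

# RFC 5321 allows a relay to note the recipient in Received as "for <addr>".
RECEIVED_FOR = re.compile(r"\bfor\s+<?([^\s<>;]+@[^\s<>;]+)>?", re.IGNORECASE)

def envelope_recipients(raw_message):
    """Return (visible To: addresses, [(source header, envelope address)])."""
    msg = email.message_from_string(raw_message)
    to_values = msg.get_all("To", [])
    # An empty group such as "undisclosed-recipients:;" yields no address.
    header_to = [addr for _, addr in getaddresses(to_values) if addr]
    hints = []
    for name in ENVELOPE_HEADERS:
        for value in msg.get_all(name, []):
            hints.append((name, value.strip().strip("<>")))
    for value in msg.get_all("Received", []):
        match = RECEIVED_FOR.search(value)
        if match:
            hints.append(("Received", match.group(1)))
    return header_to, hints

def delivered_without_visible_recipient(raw_message):
    """True when no recorded envelope recipient appears in the To: header."""
    header_to, hints = envelope_recipients(raw_message)
    visible = {addr.lower() for addr in header_to}
    return bool(hints) and all(a.lower() not in visible for _, a in hints)

# Constructed sample: mail sent to an alias, forwarded to another mailbox.
SAMPLE = """\
Received: from mail.sender.example (mail.sender.example [192.0.2.10])
\tby mx.mydomain.example (Postfix) with ESMTP id 4F1A2B3C
\tfor <shop-alias@mydomain.example>; Tue, 6 Nov 2012 15:40:00 +0000 (UTC)
X-Original-To: shop-alias@mydomain.example
Delivered-To: me@mailbox.example
To: undisclosed-recipients:;
Subject: constructed sample

body
"""

if __name__ == "__main__":
    print(envelope_recipients(SAMPLE))
    print(delivered_without_visible_recipient(SAMPLE))
```

On the sample, the alias that received the message shows up in `X-Original-To` and in the `Received` `for` clause even though the `To:` header names nobody.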