Please help me make some order with email headers.
What does each of the following mean: return-path, sender, from.
The question is being asked in the context of an email receiving app (let's say a posterous clone).
The return-path header (return-path header, in English) is an SMTP email source address (SMTP MAIL FROM, in English) used to process the bounces that occur in your emails. It can also be called reverse path, sender, sender, MAIL DE, 5321-DE, sender, De_ and Errors a. This address receives information on all bounces.
The return-path is used to process bounces from your emails and is set in the email header. It defines how and where bounced emails will be processed. The return-path can also be referred to as a bounce address or a reverse path, and is an SMTP address that is separate from your sending address.
Email messages contain two “from” addresses: the “envelope from” (e.g., return path) and the “header from” (e.g., the friendly from). The “envelope from” is the return address. It tells mail servers where to return or bounce the message back to, when relevant.
For email, the return address is the Return-Path . Inside of the envelope might be a letter and inside of the letter it may direct the recipient to "Send correspondence to example address". For email, the example address is the Reply-To .
Based on my experience -
From is the person that wrote the email. This can be set by the user's mail software.
Return-Path is the address where bounce messages (undeliverable notifications, etc.) should be delivered. It can be set by the sending or receiving mail server, or sometimes by the user's mail software. For a normal message, it is usually the same as the From address. Some messages (often system generated messages) may use a different Return-Path, and bounce messages typically leave it blank.
Sender is the person that sent the email, if different than the From ("Sent by Sender on behalf of From"). Sometimes this is set by the user's mail software, and sometimes by their mail server. This, if present, should be different from the From address.
These headers can all be faked pretty easily, so verification is pretty much out.
However, if the sending domain has an SPF record, you can verify the Received headers against the list of approved mail servers for that domain. That will at least tell you whether or not the message really came from that domain, but that doesn't guarantee that the particular user sent it (it could be spoofed by another user on the same domain). Plus, not all domains publish SPF records, so it's not always an option.
The "From" Header it intended to be the Person that the message is from. It is who the recipient's email client should display the message is from.
The Return-Path header specifies where replies (or bounces/NDR's) should be delivered. This may be different that the "From" address in the case of mailing lists, and many automated messages where bounces are sent to a system that removes non-deliverable addresses.
The sender can be thought of as a more specific version of the From header. If the message was originated by somebody, or some other system that the actual 'From' address. Examples might be gmail when it is configured for a domain not hosted by Gmail. In this case, the From header would contain '[email protected]', but the Sender will be '[email protected]'. Many mail clients now render this as '[email protected] on behalf of [email protected]'. The "Sender" header should be used for mail authentication (SPF/DKIM) purposes since that is the system that actually originated the message.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With