Skip to main content
Penn Information Systems & Computing Systems Home

Search form

Getting system status
  • Get Started
    • IT Staff
    • Faculty
    • Staff
    • Students
    • Alumni & Guests
    • ISC Staff
  • Services
    • — Services A to Z —
    • Accounts, Access & Security
      • Access Management Services
      • Active Directory
      • Identity Management Services
      • Information Security Services
    • Applications & Data Analytics
      • Application Development & Delivery
      • Data Analytics
        • Data Analytics at Penn
      • Integration Development & Delivery
    • Backup, Storage & Platforms
      • BackItUp
      • Cloud Solutions
      • Data Center & Colocation Solutions
      • Database & Application Platform Support & Consulting
      • Endpoint Management
      • Recovery Solutions
      • Storage
      • Virtual Desktop
      • Virtual Server Hosting
    • Community, Support & Learning
      • Classroom Technology Services
      • Desktop Engineering
      • IT Community Events
      • LinkedIn Learning
      • Tech Center
    • Consulting & Professional Services
      • Brokered Products
      • HireIT
      • Systems Support & Consulting
      • Technology Forecasting
    • Email, Calendaring & Collaboration
      • Classlists
      • Penn Email Routing
      • PennBox
      • PennNet Mailing Lists
      • PennO365
      • PennZoom
      • SMTP-Relay
      • Secure Share
    • Networks & Connectivity
      • Firewall Services
      • Network Design & Installation
      • PennNet
        • Network Names & Numbers
        • MAGPI (Penn's Internet2 Regional Optical Network)
      • PennNet Ethernet Ports
      • Wireless at Penn
    • Phone, TV & Video
      • Contact Center
      • Live Video Streaming
      • Penn Video Network
      • PennFlex Phone
      • Traditional Telephony
      • Video Content Management
      • Video Production
        • Producing Video Content
    • Web Hosting
      • Web Hosting Service
    • — Service Rates —
    • — Service Level Agreements —
  • Security
    • Office of Information Security
    • Security Services
    • Special Projects
    • Policies & Procedures
    • Training & Awareness
    • Penn SecureIT program
  • Collaborations
    • Computing Policies
    • Engaging Penn’s IT Community
    • Identity & Access Management
    • Penn IT Strategic Plan
    • Cloud First
    • Next Generation Unified Communications
    • Penn Bot
    • IT Advisory Groups
      • Common Solutions
      • IT Roundtable
      • Network Policy Committee
      • Penn Technology Investment Committee (PTIC)
        • About PTIC
        • The PTIC IT Development Fund
    • Special Interest Groups (SIGs)
      • Audio-Visual (AV-SIG)
      • Cloud Computing (Cloud-SIG)
      • Data Visualization (DataViz-SIG)
      • Developer SIG (Dev-SIG)
      • High-Performance Computing (HPC-SIG)
      • Instructional Technology SIG
      • Linux SIG
      • Macintosh Networking Group (MacNet)
      • Mobile Technologies (Mobile-SIG)
      • O365 Special Interest Group
      • PC Networking Group (PC-Net)
      • Project Partners SIG
      • Security SIG
      • Social Media SIG
      • Splunk Special Interest Group
      • Super User Group (SUG)
      • Web SIG
    • Technology Services Strategy Review Board
  • News
  • About
  • Hot Topics
  • Get IT Help

You are here

Home » Email Headers

Email Headers

Similar to the way a letter sent through the postal service, an email goes through several hubs, carriers, and routes on its way to your inbox. Unlike a letter, you have the ability to access information about the path an email took before reaching you. This information is contained in a block of data called the email’s headers.

Headers are appended to the email by the various servers that route it to your email provider. Since headers don’t tell you much about the content of an email, your email software doesn’t display them. Header information can tell us about the origin of an email, and about some of the decisions, your email service made when it accepted it from the sender’s email service. As such, it’s important to include an email’s header information when reporting it as suspicious to your IT support staff. Header information makes it easier for the IT support staff to determine whether the message was genuine and help them block other malicious messages.

Unfortunately, most email software does not include an email’s original header information when simply forwarding it. To view an email’s headers:

Office 365 Outlook (Windows)
  • To view an email’s headers:
    • Open the email message 
    • Click File on the upper left-hand corner of the message
    • Select Properties
    • Locate the email headers in the Internet Headers’ box
Image of Office 365 email for Windows - Internet Headers

 

  • When reporting an email as phishing or a scam please forward the email as an attachment
    • Click the arrow next to the More button
    • Select Forward as Attachment

​

Office 365 Outlook-Forward Header for Windows
Office 365 Outlook (macOS)

To view an email’s headers

  • In the message list in Outlook, right-click on the email’s entry
  • Select View source, as shown here:
Office 365 outlook for Mac OS_view headers

A plaintext version of the email will appear in a new window in Apple’s TextEdit program, complete with header information.

To report an email as a scam or phishing to your IT Staff, please forward the message as an attachment.

  • In the message list in Outlook, right-click on the email’s entry
  • Select Forward as Attachment as shown here:
Office 365 outlook_ forward headers
  • A new email composition window will appear, with an attachment listed. That attachment is a full copy of the message you’re reporting, including its headers.
  • Send the new email to your IT staff.
Gmail (web browser interface)

To view an email’s headers:

  • Click on More - the three dots next to the reply button
  • Select Show original
  • The headers block is displayed in a new window
Gmail_viewing email headers

Note: Some information was erased to deidentify the sender and recipient

When reporting an email as phishing or a scam please forward the email as an attachment.

  • Open the suspicious email
  • Click the More button (three dots next to the reply button)
  • Select Download message as shown here:
  • Compose a new message to your IT staff
  • Attach the message you downloaded to the new message and send to your IT staff
Apple Mail

To view an email headers

  • Click on the email in your inbox to select it
  • From the View menu, access Message à Raw Source as shown here:
  • A new window will open inside the Apple Mail application, showing a plaintext view of the email, complete with headers

When reporting an email as a scam or phishing message to your IT Staff, please forward it as an attachment.

  • Right-click on the email in your inbox
  • From the resulting menu, select Forward as Attachment as shown here:
  • A new email composition window will appear that will include a copy of the suspicious email as an attachment
  • Send the new email to your IT Staff
Other Email Clients

To view email headers in other email clients visit https://mediatemple.net/community/products/dv/204644060/how-do-i-view-email-headers-for-a-message 

Visit ISC on LinkedIn

Print
InfoSec Home
Resources
  • Phishing & Spear Phishing
  • Phishing Email Messages Seen at Penn
  • Desktop Security 101
  • Malware
  • Information Security Training & Awareness
Contact InfoSec
  • Computing Policies
  • Tech Jobs @ Penn

© 2025 THE UNIVERSITY OF PENNSYLVANIA — 3401 Walnut Street, Philadelphia, PA 19104 — Report accessibility issues and get help — For ISC Staff