Why did my message bounce? The email header can tell you
Your email is hiding something: All the steps that show how each message got from sender to recipient. Lucky, this secret is not hard to crack – just have a look at the full header. If you need to figure out why a message bounced or report scam emails, this extended header has all the information you need. So where do you find it?
by Alyssa SchmittWondering why your email bounced? Look at the full header to solve the mystery!
What is a full email header?
Also known as a “long header” or an “extended header,” the full email header goes beyond the “To:”, “From:” etc. that you are used to seeing at the top of every email. Even though they are not displayed unless you specifically look for them, extended headers can be found on every email that is sent or received.
Extended headers in general contain information for postmasters and system or email administrators; however, all email users can also view them. Even though they can sometimes be extremely long and contain what looks like a lot of technical gibberish, they are important if you want see why an email was rejected (bounce message), if an email is from who the sender address appears to be from, and/or identify scam/spam attempts.
When you log into your mail.com email in your web browser, the extended header can be found by clicking the small i button on the top right of a message.
Click here to view the extended header
Good to know: How do I see the full email header in Outlook and Gmail?
Because the long email header contains such useful information, most email providers make it possible to view it in just a few clicks. For example:
In Outlook: Click on the 3 dots at the top right of an email, then click View > View message source.
In Gmail: Click on the 3 dots at the top right of an email, then click Show original.
Is this email spam?
Before we show you what a full email header looks like and how to read it, it’s important to understand a what happens behind the scenes when an email is sent.
As a rule, almost every email provider has several different outbound mail servers that they send messages from, and these can have reputable or non-reputable IP addresses. These different IP addresses can be used to easily classify messages as spam or non-spam as well as protect the company’s “good” – i.e., reputable – server IP addresses in case of spam waves or avoid being blacklisted by other providers.
Email providers have automated processes that can classify a message sent by their services as spam or non-spam. This classification is based on commonly used spam keywords as well as non-accepted characters in the subjects or bodies of emails, the rate of emails being sent by certain accounts, and more. Additionally, there are certain authentication protocols such as DKIM/SPF/DMARC that show if providers or emails sent by them pass their established verification criteria.
Such information is automatically included in the full header of the outgoing email. Afterwards the receiving provider can act accordingly: If a message is sent by a non-reputable IP or is classified as spam, the receiving provider can decide to land the message in its Spam/Junk folders or to reject it altogether. The latter results in the email being “bounced” back to the sender.
If you are interested in reading more about our email and spam protection policies and processes, you can visit the mail.com Postmaster site.
What does the extended header of a bounced email look like?
Now comes the moment you’ve been waiting for: the full header reveal. This is the extended header of an email that was classified as spam and bounced back to a mail.com email account:
Extended header of a bounced email message
In this email header example, the message includes information such as the sending and receiving addresses, potential CC of the message, the subject, as well as other information that can be used to identify reasons of the rejection:
Spamhaus is an online Blacklist Database which mail.com cooperates with.
82.165.159.131 & 82.165.159.130 are mail.com’s “bad” – non reputable IPs.
In this case, mail.com classified the message as spam, forwarded it through our 82.165.159.131 IP and the receiving provider (yahoo) has decided to reject all messages originating from that specific IP.
That can also be seen on the X-Spam-Flag: YES (the other option is X-Spam-Flag: NO)
And UI-OutboundReport: Junk:10; (the other option is UI-OutboundReport; NotJunk: 1; )
What can I do if my email is marked as spam and bounces back?
What can you as a customer do about a bounce email like this? Unfortunately, in cases such as having your email sent through a non-reputable server or blocked by Spamhaus, the problem will have to be addressed by your internet service provider. As a mail.com user, you can contact our customer support for assistance.
In general, you should always avoid sending out emails with “spammy” words in the subject line that could trigger an automatic spam filter. In addition, be sure not to send out unwanted bulk emails that could result in you being flagged for spamming.
Pro tip: Identifying “spoofed” emails using the full email header
The long header of your email is not just useful for figuring out why an email bounced. If you receive a fishy email that seems to be from the email address of a friend, family member, or trusted business, the extended header can also tell you if the address has been falsified, or “spoofed.” To learn more, see our explainer: How can I identify a spoof email?
We hope you found this deep dive into the extended header useful! We look forward to your feedback below.
And if you still don’t have a free email from mail.com, you can create an email account today!
