Product » Xeams » Knowledge Base
|Subject:||Difference between envelope and header from|
|Creation date:||8/17/17 2:39 PM|
|Last modified on:||8/17/17 2:39 PM|
Envelope vs Header FROM
The sender's email address is specified twice when email messages are delivered from a sender to recipient.
This article tries to explain the difference between these two addresses in non-technical terms.
As described in another article that talks about SMTP Relay
, the design of our modern
email system is based upon snail mail. Therefore, in order to understand how email works, we are going to analyze
how snail mail works.
There are two parts of any package you receive from your regular postal mail: An envelope and a letter inside that envelope.
Part 1 - The Envelope
It contains the following information:
- Sender's name and address - tag 1 in the image. If a package cannot be delivered, the post office will use this address to return it back to the sender.
- Recipients name and address - tag 2 in the image
- A stamp by the post office containing the time and the name of the town - tag 3 in the image
This letter appears to have been sent by James Baker
who works for XYZ, Inc.
- It is very easy to forge the sender's name and company name
- Post office will deliver the message without opening the envelope
- Post office will stamp the letter on the upper right hand corner with current date and the location where it came from
- If the letter goes through multiple post offices, all of them have the option of stamping the envelope
Part 2 - Actual Letter
This contains the following information:
- A header towards the top - tag 1 in the image
- This header containing sender's information (tag 2) and possibly a date when the letter was composed. (tag 3)
- Actual body, which appears at the bottom
- Notice the name of the sender is Jack Smith, which is different than what was specified on the envelope
- If Mary did not look at the envelope, she will think the letter was sent by Jack Smith who also works for ABC, Inc., the same company
that Mary works for
- The sender could have easily put an invalid date as well as their contact information in attempt to make her believe Jack Smith is the sender
- If Mary is not careful and does not detect any fraud, she may take action that should would not have taken otherwise.
Similarities with Email
Since email system are designed based on snail mail, it also contains an Envelope and Letter. There are a few differences, which are mentioned below. This
communication is based on RFC 5321
Part 1 - The Envelope
Envelope is the communication between and SMTP Client and Server. See a sample envelope on the right side.
Messages sent by client are indicated by
C: and server's responses are indicated by
Following is true with an email envelope.
- The client and server first greet each other with a HELO command.
- Client sends a
MAIL FROM command representing the sender's email address. This value is also used to
send a non-delivery report (NDR) when message cannot be delivered.
- The server response with a
250 OK if this sender is acceptable.
- Next, the client sends one or more recipient's email address using the
RCPT TO command.
- Again, the server responds with a
250 OK, provided the recipient is acceptable. If the server returns a rejection
code, the sender will generate an NDR. In this case, the actual message will never get sent to the receiving SMTP server.
- It is very easy to specify a fake/forged address in the
MAIL FROM command
- The receiving server has the ability to check a few things, such as sender's IP address, MX record and FQDN before accepting any email.
S: 220 foo.com Service Ready
C: HELO bar.com
S: 250 OK
C: MAIL FROM:<email@example.com>
S: 250 OK
C: RCPT TO:<firstname.lastname@example.org>
S: 250 OK
S: 354 Start mail input;
C: Actual email is sent here
S: 250 OK
Part 2 - Actual Email
When user gets the email, they do not see the envelope. Email clients only display the "Letter". This message must conform to rules specified in
- An email is divided into at least two parts: Header and Body
- Header is used to contain some meta data about the message, such as Sender's name and email, date it was composed, subject and others.
- The sender's email address and name is specified in the
FROM header and its value looks like
Mary Jane <email@example.com>.
- The sender's email address can be different from the envelope's
- Since an email client will only display the FROM header (RFC5322.FROM), the user will never know what was the value for the RFC5321.MAILFROM in the envelope.
When are these values used
The following table summarizes the two different values for the sender.
Envelope From (RFC5321.MAIL FROM)
- Used by the SMTP server to generate NDR
- Used by SPF filter to determine if it came from the designated IP address.
Header From (RFC5322.FROM)
- Used by the email client to display information in the From field.
- Used by DMARC filter to confirm if the message is authentic
Add a comment to this document
Do you have a helpful tip related to this document that you'd like to share
with other users? Please add it below. Your name and tip will appear at the
end of the document text.