As an Amazon Associate I earn from qualifying purchases @AMAZON
Apple Mail Security: Viewing Mail Headers
Spammers generally use skanky mail servers to send spam and/or programs like Microsoft Outlook, which a corporate email service would not use to send messages.
By using custom message headers, sometimes red flags pop out like mushrooms. But most email programs hide nearly all the headers, thus making these red flags invisible.
MPG also strongly recommends disabling loading of remote content.
Various options to detect bogus /spam email exist:
- Helper apps like Mail Spy.
- Viewing additional messagen headers for all messages as in Configuring Apple Mail message headers below.
- Showing all message headers or specific message headers for all messages, or on a case-by-case basis (notes that follow next, below).
Viewing all message headers
Full mail headers can be viewed by showing or hiding message headers or by viewing the message source code:
Viewing message headers for a particular message
Add theitem in the toolbar to allow clicking headers on/off for a mail message on a case-by-case basis:
Viewing specific message headers for every message
First, which custom headers to add? Too many headers and the clutter becomes a problem. It’s worth looking at the source code of an email to get an idea, particularly the nastier ones. Spam varies and it may be worth tailoring the message headers to your own crop of incoming spam.
To configure which message headers are shown, first open Apple Mail preferences. Choosein order to add/remove headers. At the least, add and as shown:
Below, a legitimate email with all the headers showing. Problematic emails typically show 2 or 3 or even more clues that the email is a spammer / phisher.
Below, a dangerous phishing email with all the headers showing. Problematic emails typically show 2 or 3 or even more clues that the email is a spammer / phisher. In this case, it should be obvious that UPS.com would not be sending email from beyondthebedd.com. Note also the capitalization errors and non-professional terminology in the footer.