You receive an email and need to verify its origin or diagnose a delivery failure. The visible sender and subject line do not provide the technical details required for tracing. Full email headers contain the complete routing and authentication data for a message. This article explains how to access these headers in Outlook for troubleshooting.
Key Takeaways: Accessing Email Headers in Outlook
- File > Properties (Desktop App): Opens the message properties dialog where the full internet headers are displayed in a text box.
- Message > View > View Message Details (New Outlook): Displays the full header information in a new window for the selected message.
- More actions (three dots) > View > View message details (Outlook on the web): Shows the header details in a pop-up panel for messages in a web browser.
What Email Headers Contain and Why They Matter
An email header is a technical log attached to every message. It records the path the email took from the original sender to your inbox. The header information is not normally visible in the reading pane. You must use a specific command to reveal it.
Headers are essential for diagnosing delivery problems. They show each server that handled the message, with timestamps. You can see if the email was delayed at a specific point. Headers also contain authentication results like SPF and DKIM. These results help verify if an email is legitimate or spoofed. Technical support teams often request header data to investigate issues.
Key Fields Found in Headers
The header is a block of text with standardized fields. The From: and To: fields are the addresses you see. The Return-Path: indicates where bounce messages are sent. The Received: lines are the most important for tracing. Each mail server adds a Received line with its name, IP address, and the time it processed the message. Read these lines from bottom to top to follow the email’s journey.
Other critical fields include Message-ID, a unique identifier for the email. The Subject: field shows the topic. Authentication fields like Authentication-Results show if the sender passed security checks. The Content-Type field specifies if the message is plain text or HTML.
Steps to View Full Headers in Different Outlook Versions
The method to view headers depends on which version of Outlook you are using. The classic desktop application, the new Outlook for Windows, and Outlook on the web each have a different interface.
In Outlook Desktop App (Version from Microsoft 365 or 2021, 2019)
- Open the suspect email
Double-click the email in your inbox to open it in a separate window. You cannot view headers from the reading pane. - Navigate to File > Properties
With the message window active, click the File tab on the ribbon. Then select Properties from the menu on the left. - Copy the internet headers
In the Properties dialog box, locate the “Internet headers” section at the bottom. Select all the text in the large text box. Press Ctrl+C to copy it to your clipboard for analysis.
In the New Outlook for Windows (The Web-Based App)
- Select the email
Click once on the email in your message list to select it. You do not need to open it in a new window. - Go to Message > View > View Message Details
Click the Message tab on the ribbon. In the View group, click the “View Message Details” button. - Review and copy the headers
A new window titled “Message Details” will open. It contains the full header text. You can select and copy the text from this window.
In Outlook on the Web (OWA in a Browser)
- Select the email
Click the email in your inbox list to highlight it. - Open the More actions menu
Click the three horizontal dots (More actions) in the email’s preview pane or at the top of the message list. - Choose View > View message details
Hover over View in the dropdown menu. Then select “View message details” from the submenu. - Copy the header information
A panel will slide in from the right showing the message details, including headers. Select the text in the “Internet headers” section and copy it.
Common Mistakes When Analyzing Headers
Reading the Received Lines in the Wrong Order
The most common error is reading the Received lines from top to bottom. The header is assembled chronologically as the email moves. The first server to receive the message adds its entry at the top. The last server adds its entry at the bottom. To trace the path correctly, start reading from the bottom Received line and move upward. This shows the journey from origin to destination.
Ignoring Authentication-Results
Users often copy headers to check routing but overlook the Authentication-Results field. This field is critical for security analysis. A result of “pass” for SPF or DKIM means the sender’s domain authorized the message. A result of “fail” or “softfail” indicates a potential spoofing attempt. Always check this field when investigating suspicious emails.
Not Copying the Entire Header Block
When using the desktop app’s Properties dialog, the header text box may have a scroll bar. A mistake is only copying the visible text without scrolling. You must select all text in the box to ensure you capture the complete header data. Missing lines can make diagnosis impossible.
Email Header Analysis vs Basic Message Info
| Item | Basic Message Info (Visible in Inbox) | Full Email Header Analysis |
|---|---|---|
| Data Source | From, To, Subject, Date fields | Complete technical log with all routing and server data |
| Primary Use | Reading and organizing email | Tracing delivery path, diagnosing delays, verifying authenticity |
| Access Method | Always visible in the message list or reading pane | Requires specific command (File > Properties or View Message Details) |
| Key Technical Details | None | Received timestamps, server IPs, Message-ID, authentication results (SPF/DKIM) |
| Format | Formatted for user readability | Raw, unformatted text block with standardized field names |
You can now access the full email headers in any version of Outlook. Use this data to trace where an email came from and identify delivery bottlenecks. For a deeper analysis, paste the copied headers into a dedicated online header analyzer tool. Remember to always check the Authentication-Results field first when assessing a suspicious message’s legitimacy.