Home / server / Questions / 1161750
Accepted
Peter Saunders
Asked: 2024-06-30 01:34:35 +0800 CST

SMTP Header confusion - Delivered-To: and To: are different

  • 772

This is bugging me. I've looked at this thread: How can the `to:` and `delivered-to:` fields in an email i received be different?, but I'm still confused, so hope someone can shed some more light on this.

I received an email with the following header. I'm wondering why my email address ([email protected]) does not appear in the To: line, but only in the Delivered-To: line. Also has the same email been delivered to my colleague ([email protected]) and does the header in his email show mycolleague in the Delivered-To: line and myemail in the To: line?

(All the bits I've anonymised are in italics.)

Return-Path: <[email protected]>
Delivered-To: [email protected]_
Received: (qmail 2384 invoked by uid 0); 21 Jun 2024 08:45:15 -0000
Received: from unknown (HELO mx21.communilink.net) (103.24.176.73)
  by 0 with SMTP; 21 Jun 2024 08:45:15 -0000
Received: (qmail 2310 invoked by uid 0); 21 Jun 2024 16:45:13 +0800
Received: from unknown (HELO gzts-5.chinadns.net) (139.159.216.211)
  by 0 with SMTP; 21 Jun 2024 16:45:11 +0800
Received: from mx58.dns.com.cn (mx58.dns.com.cn [116.198.42.87])
    by gzts-5.chinadns.net (Postfix) with ESMTP id 1D5AE20520;
    Fri, 21 Jun 2024 16:44:55 +0800 (CST)
Received: from LAPTOP-KQJPA3SD (unknown [58.39.136.227])
    by mx58.dns.com.cn (DNS Email Server) with ESMTPA id 8071F212B1;
    Fri, 21 Jun 2024 16:44:54 +0800 (CST)
Date: Fri, 21 Jun 2024 16:44:55 +0800
From: ip <[email protected]>
To: _mycolleague_ <[email protected]_>
Reply-To: robert <[email protected]>, 
    trademark <[email protected]>
Subject: RE:  _mydomain_-Domains updated and renewal (Urgent to Principal/CEO)
Disposition-Notification-To: ip <[email protected]>
X-Priority: 1
X-Has-Attach: no
X-Mailer: Foxmail 7.0.1.92[cn]
Mime-Version: 1.0
Message-ID: <[email protected]>
Content-Type: text/plain;
    charset="gb2312"
Content-Transfer-Encoding: base64
smtp-headers

2 Answers

  1. Best Answer

    To repeat my analogy:

    For the postal service to deliver a letter to your mailbox, they look only at the address printed on the envelope.

    When I write a letter:

    To: Santa Claus
    North Pole 

Dear Santa,
I don’t want lumps of coal for Christmas.

    and put it in an envelope that says something like:

    Mr. Peter Saunders
Your Company and Partners
Street number and name
City, State , Zip code 
Country

    put a stamp on the envelope and drop it in a mailbox.

    The postal service only uses the envelope address and they do not care about the contents of that letter (not quite but mailing bombs or drugs is a completely different topic) but postman does not open the envelope to confirm that the letter in that envelope also says “Hi Peter!”

    They certainly won’t take that letter to Santa.

    That letter simply ends up in your mailbox.

    If you open that envelope and only look at the letter: you wouldn’t understand why you would get a letter addressed to Santa.

    But with the envelope in your hand it should be obvious how you got a letter addressed to Santa in the mail.

    More conventional would be letter like

    To: supplier name
  Supplier street address 

Subject: your faulty product 

Dear sirs 

….
A copy of this letter has been sent to my legal representative

    And putting the original in an envelope to the supplier and putting that copy in an envelope to your lawyer.

    ——————————

    The same happens in email: as a sender and recipient you typically see that as the Bcc: option to send somebody a blind carbon copy of the message.

    That Bcc does not get included in the list of recipients in the message headers and the other recipients, those on the CC and To: lines cannot see that someone else , the Bcc recipients, also received a copy of that message.

    But the addressee on the Bcc: still gets the message delivered.

    The Bcc recipients get a message where their email address is only used in the SMTP envelope but nowhere in the actual message. On the To: and CC: lines they won’t see their own address.

    When they look at raw message source, they may see that next to message headers from the email message the sender created , their mailserver also created additional headers , with some of the envelope data. Fairly typical additions by your mailserver are additional Received headers and that Delivered-To header which is the mailbox your mailserver used for delivery

    ——-

    The subject of the email you posted suggests spam or spear fishing which often uses the legitimate email behavior of Bcc messages

    • 7

  2. Short answer:

    • The To: header originates from the sender and is displayed by the recipient's email client.
    • The Delivered-To: header is added by some ultimate mailbox servers to indicate the actual delivery. Likely (but not necessarily), it mirrors the RCPT TO: from the SMTP envelope ("envelope-To").

    Unintuitively, both To fields are completely independent, technically. One common example where what you describe happens is when someone Bccs your address. It's also common with spamming.

    • 1