If the to: email is removed, is there any senstive information in an email header?
The reason I ask is because I am starting a project (like many others) to document received spam. I plan to publish the headers (with my email and name removed).
So I am wondering if there is anyway spammers (or anyone else) could possible retrieve private information based on the header content
Thoughts?
Well, there's the routing path - the
Received
headers show which servers relayed it, together with their IP addresses. If you are worried about exposing DNS names and IP addresses there, you may want to remove them. There's alsoMessage-ID
, which should be unique at the origin server, but that is not really relevant in this case:So, the most relevant part would be the routing data - unless you use a hosted service where you can hide in the crowd (e.g. gMail), this could be used to guess the domain of the recipient.