List of X-Header’s and their meanings

  1. Home
  2. Knowledge Base
  3. List of X-Header’s and their meanings

This documents headers specific to SurgeMail, this list is incomplete, if you see headers you want explained just email us and we’ll update it 🙂

X-Mash: sameipIndicates the message has similar content and source ip address to a spam message.
X-Country: code=US country=”United States” ip=104.140.143.54Uses a database to guess the country of origin based on the ip address, about 99% reliable.
X-Qnum: 1234The message que entry number (unique on this server) and used in all log entries
X-NotAscii: charset=XXXXRecords the charset used in the message if it’s something special (other than plain ascii)
X-SpamContent: IsSpamSimple content filter to try and detect ‘spam like’ messages
X-LangGuess: EnglishA guess at what language the email message is written in (not 100% accurate)
X-MyUrl: Color=Black found=izaprkg.comNetWin’s own url blacklist.
X-Phrase: IsSpam score=1.00Content filter based on popular spam phrases
X-Verify-Helo: -ERR missmatch: mail.izaprkg.com->104.206.192.217->.fake_nodotsResults of analysis of the ‘helo’ name from the sending server, the ip address should translate back to the name
X-MyRbl: Color=Unknown (rbl) Age=0 Spam=0 Notspam=0 Stars=0 Good=2 Friend=0 Surbl=0 Catch=0 r=0 ip=104.206.192.217Results from NetWin’s database of ip addresses/history/reputation
X-IP-Stats: No info recorded yet ip=104.206.192.217Show local information about that ip address
X-Encryption: SSL encryptedTrue if the message was sent to this host using SSL encryption
X-Dmarc: reject (or none or quarantine)Exists if message passes DMARC/DKIM and has a dmarc rule.
X-UrlForgery: …Url appears to be pointing at a different domain than it claims
X-Triplet: …Records a match with previous spam/notspam message based on from/ip/subject matching
X-FromBadDom: TrueTrue if the text part of the from header contains a domain name that isn’t in the email address.

Was this article helpful?