Mail and its hidden headers

Like many people, reader S. B. is concerned about spam. He writes:

Mail’s junk mail filters work pretty well for my use, but sometimes I need to open a message in the junk mail folder to determine if it is really spam or if it is coming from a new contact. I always keep the preview pane closed. In older programs I could view long headers or the raw source without opening the actual message. But in Mail, that is not an option, as these menu items are grayed out until you open the message. Is there a way around this? I realize that the junk mail filter does not initially load images, but I don’t know if it still pings the spammer’s server.

As you’ve observed, Mail doesn’t offer that option. Microsoft Entourage lets you view both long headers as well as the message’s raw source in a separate window. And Mozilla Thunderbird, while it won’t show headers with the preview closed, it will display the message’s raw source.

But before you dash off to install a different email application, let’s examine the real threat here. And that threat is HTML links—particularly links to graphics that, when loaded, send a little “yoo hoo!” message to the spammer, letting them know that they’ve found a live one. To keep these images at bay in Mail, choose Mail -> Preferences, click the Viewing tab, and make sure that the Display Remote Images in HTML Messages option is unchecked. This should keep you safe.

All you have to do from this point on is to be careful about loading images or clicking links in your messages. If you don’t trust or don’t know the source, take what you can from the text and leave the links and potential graphics alone.

If you’re still spooked by the idea of viewing headers along with a preview of a message—even without HTML turned on—you can follow this little tip from Macworld’s Gemmeister, Dan Frakes: Give Limit Point Software’s MailCM a try. This is a contextual menu plugin/pref pane that, among other things, lets you copy a message’s headers without opening or previewing the message. Of course you’ll have to then paste that header into a text document or empty email message in order to examine its contents, which seems like an incredible pain in the neck to me. But then, I’m not easily spooked.

Shop Tech Products at Amazon