What is a header vs. envelope header?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

Ever notice how a package's shipping label and the letter inside sometimes have different names? Email works the same way.

When you look at an email in your inbox, you see header fields: From, To, Subject, Date. These are defined by RFC 5322 and they're what humans read. The Header From is the name and address you see at the top of the message.

But before that email ever reaches your inbox, mail servers have already passed it around using a completely different set of instructions called the envelope. The envelope works at the SMTP level (RFC 5321) and contains two critical pieces of routing data:

  • MAIL FROM (Envelope From): The address where bounces get sent. This becomes the Return-Path header in the delivered message. It's also the address used for SPF checks.
  • RCPT TO (Envelope To): The actual delivery recipient. The server delivering the email needs this to know where to drop it off.

Here's where it gets interesting (and where spam happens): the Header From and Envelope From don't have to match. You can send an email that looks like it's from ceo@bigbank.com (Header From) but actually bounces to spammer@shady-server.net (Envelope From). This mismatch is how phishing works.

DMARC was invented to close this loophole. It enforces alignment between the Header From domain and either the SPF domain (Envelope From) or the DKIM domain. If they don't align, DMARC tells mailboxes to reject or quarantine the message.

Most senders never see the envelope because their ESP handles it automatically. But if you're debugging delivery issues or setting up custom mail servers, you'll need to understand this split. The envelope determines routing. The headers determine display. Mailboxes care about both.

Want to see the envelope details of a delivered email? Check the Return-Path header in the full message source. That's your Envelope From. (You can analyze full headers with our free Email Header Analyzer if you're debugging something specific.)

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Get alignment help for your setup →

I read this on the Email Almanac about header vs. envelope header: "When you look at an email, you see header fields (From, To, Subject). But mail servers route the message using envelope data: MAIL FROM (where bounces go, used for SPF) and RCPT TO (delivery recipient). The Header From and Envelope From don't have to match, which is how spoofing happens. DMARC enforces alignment between them." Help me understand how this applies to MY setup. I need: 1. Why alignment matters for my sending: When mismatched domains hurt deliverability, when it's OK 2. How to check my current setup: What to look for in Return-Path, how to verify SPF/DMARC alignment 3. Common misconfigurations: Forwarding breaking alignment, third-party senders, subdomain mismatches 4. How to fix alignment issues: SPF record updates, DKIM signing, DMARC policy adjustments --- My details (the more you share, the better the advice): - Email platform/ESP: e.g. Mailchimp, SendGrid, custom SMTP - Sending domain(s): your domain - Authentication status: SPF/DKIM/DMARC, set up or not sure - Current issue: [e.g. emails going to spam, DMARC failures, forwarding problems] - What I'm sending: newsletters, transactional, both

Edit the yellow boxes, then send to the AI of your choice.