Product Navigation

Learn How to View & Analyze Lotus Notes Header

Lotus Notes is one of the most secure email clients used by the large scale business organizations. It is basically used to share emails and other crucial data with reliability and security. The email messages send through this Lotus Notes not only contain the message content or attachment but also sends some basic information contained in the email header. Therefore, email header analysis has very important role in extracting the detailed information of specific emails. Hence in the following sections, a complete Lotus Notes Header analysis is performed in detail.

Importance of Lotus Notes Email Header

When a user sends a message through Lotus Notes, the server adds one unique field that is email header in lotus Notes. A user is in normal way can view only the basic sender and receiver information, but it contains a complete information such as routing information and contact information in the hidden form. Therefore, when a user receives an email in a Lotus Notes then he can easily view Lotus Notes email header.

To analyze the complete email header information, one can perform Lotus Notes header analysis that helps users in identifying email spamming and spoofing and understanding the email route in a better way. All of this information are changed by someone in a case of performing some wrong action. Therefore, Email Header Forensic is considered to be the most important evidence while investigating any cyber crimes.

How To View Lotus Notes Email Header

The users of Lotus Notes can easily view and read the email header, which is contained in email header in a hidden form. There are two different methods available to view complete email header. Now, to view email header in Lotus Notes one can use any of the two ways:

Shortcut to read Lotus Notes email header

  • First, select the message for which you want to view email header
  • Now, just press Alt + Enter on your keyboard
  • Document Properties is displayed, you can read header information through fields such as PostedDate, RouteServers, etc.

Standard manual to view Lotus Notes email header

  • First of all, open the message for which you want to read email header
  • Now, go to View tab and select Show option
  • After that, from the Show menu, select the Page Source to open email header information

View Lotus Notes Message Header

With the help of this procedure, a user can easily view the complete email header in Lotus Notes. A user can read and extract all the information contained in the email header.

Component of Email Message Header

When a user reads the header information of an email, then the Lotus email header is displayed as:

Analyze Lotus Notes Header

Received: The Lotus Notes mail header received field provides a complete detailed information of the message's history. It is helpful in case of when all the other headers have been forged, to draw some conclusion about the email origin.

DKIM Signature: It is a Domain Keys Identified Mail (DKIM). It is an email validation system that is used to detect the email spoofing. DKIM uses key server technology and a public-key cryptography to permit verification of the contents and source of the messages by using either MTAs (Mail Transfer Agent) and MUAs (Mail User Agent).

Purpose: This is basically used detect the email spamming and phishing to prevent the users from forged sender email addresses

To: The 'To' field in email header is described by the sender of the email. In Lotus Notes, the mail routing is only dependent on the envelope "To." "Moreover", "To:" email header in Lotus notes need not contain the message address.

Subject: The Lotus Notes email header subject field is a normal field specify by the sender, to describe the purpose of the sending an email.

Message ID: The email header message id field represents a unique identifier assigned to each message. Mainly it is of the form "". In this abc can be anything such as username and in the second part of name of the machine is specified that assigned a unique ID.

Note: Message ID with an empty string or not contain '@' sign is probably a forgery ID.

Date: As the name suggests, it determines the date of the message. Normally, it specifies the date when the message was composed and when sent. If this information is omitted by the sender's computer then it might be added by some other machine along the route. The user does not take it wrong as it can be possible that the clock of the sender is set wrong.

From: There are basically two types of From header in Lotus Notes:

From (without the colon): it indicates the "envelope From", generated by the machine that receives a message.

From (with the colon): it indicates the "message From:", contains information provided by the sender.

Reply-To: The Lotus Notes email reply-to field determines the address where reply will go. This email header field is also used by the spammers. Mostly the address in Reply-To junk emails are either invalid or of a normal user.

MIME Version: It is an another Lotus Notes email header. It only specifies the type of MIME protocol used by the sender. If someone changes the MIME type that means the message is manipulated or corrupted. This all type of information are helpful from cyber crime point of view.

X-Mailer-RecptId: The X-Mailer email header specifies that to send the message, which type of software used by the sender. X-Mailer-RecptID will specify the unique recipient ID.

X-Mailer-SID: Email header in Lotus Notes contains X-Mailer-SID that specify the schedule ID

X-Mailer-Sent-By: It basically describes the sender ID or we can say that account ID that identifies the user uniquely.

X-AntiAbuse: It is a type of header which is used to track anything abusive and added in abuse report

Content Transfer Encoding: It defines the standard way of enabling encryption to maintain the email authentication. Therefore, the type of encryption performed on message in generally specified by content transfer encoding.

This header mainly describes how the content of the message is interpreted by the MIME-compliant mail program.

Content Type: The Lotus Notes email content type field define the style or way in which emails get displayed in an application. Moreover, it is a different MIME header that tells what type of content is expected in the message. The structure of the message completely relies on content type. Different content types denote different structure of messages.


During cyber crime, the important parameter of investigation is the email analysis. All the emails are studied carefully to find evidence of the crime. Therefore, in the above section, we have discussed major part of email analysis that is Lotus Notes header analysis and understands the purpose of each header carefully. Also Lotus Notes email analyzer provides Forensic Email Search Tool to find any details within the emails