11

I'm retrieving emails from Gmail using PHP and IMAP; however, some emails don't have a messageid. Aren't all messages supposed to have a messageid?

I need a unique id for reference so i'm not sure how else to keep track of emails without it.

Am i doing something wrong?

For example here is an email header i get

 [date] => Sun, 06 Nov 2011 21:21:56 -0500
    [subject] => Daylight Saving Time?  Chili's Saving Time!
    [to] => -------@gmail.com
    [message_id] => 
    [from] => ChilisCorp@---.com
    [sender] => ChilisCorp@----.com
    [reply_toaddress] => ChilisCorpeclubsupport@---.com
    [size] => 14385
    [msgno] =>  156
    [status] => Unread

Thanks

vitalyp
  • 671
  • 4
  • 12
  • 23

2 Answers2

11

Any MTA I have ever encountered will add a Message-ID if one is not already present. However, if you need to keep track of messages or thread them, you will need to set a the Message-ID. The References header and the In-Reply-To header use the value of a previous Message-ID to relate messages together.

References contains a list of previous Message-ID values in the reply chain, and In-Reply-To contains the Message-ID to which the current message is a direct reply.

Note that according to the RFC-2822 specification, a Message-ID is technically not required. Well-behaved MTAs generally include one, but some commenters below describe instances where a Message ID was not present, causing failures in messaging clients.

Community
  • 1
  • 1
Michael Berkowski
  • 267,341
  • 46
  • 444
  • 390
  • But since there's nothing guaranteeing it, this doesn't stop a buggy/malicious MTA from using identical Message-IDs for different mails right? What's the best way to guard against this situation? – Pacerier Nov 01 '14 at 11:03
  • @Pacerier if your concern is making sure another MTA can't replicate your server's Message-ID, that is difficult. You could create the message ID as a hash of the message time, your hostname, and a secret key, which would make it hard to forge a Message-ID but I'm not sure you gain much. The only strong method of sender verification in email is PGP signing and encryption. – Michael Berkowski Nov 02 '14 at 01:21
  • 1
    An update to this old question: I have always believed a message ID is a "must" -- but I just discovered an email in my IMAP inbox that does not have one! I looked at the raw source. My IMAP-message reading software crashed because of this, like me it assumed there always is a Message ID. – Mörre Mar 17 '16 at 20:10
  • I also just discovered an email without a message_id too - it is obviously a spam email and doesn't show up in my webmail client... but it does when I log in through imap. – Simeon Jun 20 '17 at 22:28
  • @Simeon RFC-2822 does indeed say _though optional, every message SHOULD have a message ID_ https://tools.ietf.org/html/rfc2822#section-3.6.4 – Michael Berkowski Jun 20 '17 at 23:44
6

The message ID has nothing to do with IMAP but is part of the mail itself and specified in RFC 2822 as "optional" (although it says that it should be present):

Though optional, every message SHOULD have a "Message-ID:" field.

So you are not doing anything wrong if some mails lack a Message-ID. It happens for all the mails that the MUA that originally sent the mail did not generate one for (which however every commonly used MUA should do).

Concerning a unique ID for identifying mails via IMAP, you may want to have a look at the UID field described in the standard.

ChrisM
  • 1,114
  • 1
  • 7
  • 18