Email source text

It used to be possible to read the source text of emails by dragging its entry from the side bar in Mail app to the TextEdit icon on the Mac. I was very handy to check suspicous looking mails. That feature probably disappeared on one of the latest macOS updates.

Is there a function or app that does this?
Mac mini M2, macOS Sequoia 15.2

You can easily do that as a two-step:

  1. Drag the index entry onto the desktop. That will create a copy of the email on the desktop. Right-click the icon for the message and select ‘Open With’. You’ll see a sub-menu with various email processors suggested. If you click ‘Other
’ at the bottom of the list, you can select any application from your application folder. Text editors such as Text Edit and BBEdit will open the source file.
3 Likes

Does Mail > View > Message > Raw Source do what you need?

6 Likes

Thank you both, aforkosh and tom3. Both are useful and show the raw source but aforkoshs method shows the source before the mail is opened in the mail app. That is the effect I wanted.

I have got the impression that just opening a mail in the mail app can cause all kinds of problems. I don’t think that TextEdit can do that with the raw source as text.

It’s not inconceivable that opening a message containing a maliciously crafted image that takes advantage of a previously unknown vulnerability in macOS could be a problem. Apple has fixed bugs like this in the past, most of them based on internal testing and reports from security researchers, not exploits in the wild.

But the chance of it happening to you with a message that otherwise looks completely legitimate is so low that you shouldn’t change your behavior.

It’s like setting up and checking security cameras for the entire perimeter of your house before you set foot outside your front door. It’s not inconceivable someone could be waiting to mug you as soon as you unlock it, but the chances of it happening are minuscule.

1 Like

I’m on Sequoia 15.2. I just tried something I thought would be simple, and it mostly worked, but it also opened up a can of worms, i.e., surprisingly complex, context-specific behaviors.

To cut to the chase, try option-dragging into TextEdit.app instead of simply dragging. That may give you something close to what you want.

Unfortunately, I don’t have the time today to investigate the complex behaviors I found, but I’ll share some data points in case anyone wants to look into things further:

  1. Dragging and dropping a Mail.app message into a Finder window yields an “.eml” file.
  2. Dragging and dropping a Mail.app message into a Finder window while holding the option key yields an “.emlx” file.
  3. Dragging and dropping a Mail.app message onto the TextEdit icon in the Dock opens a file with just the subject of the email.
  4. Dragging and dropping a Mail.app message onto the TextEdit icon in the Dock while holding the option key opens the source of the emlx file, or sometimes an emlxpart file (I think).
  5. Dragging and dropping a Mail.app message into an RTF formatted TextEdit.app window with or without the option key yields a link that, when investigated further, is an Apple URI that starts with “message:” and will open the original Mail message in your default mail app.
  6. Dragging and dropping a Mail.app message into a plain TXT formatted TextEdit.app window simply loads the name/subject of the email.
  7. Dragging and dropping a Mail.app message into a plain TXT formatted TextEdit.app window while holding the option key yields the full UNIX path to the original email file, e.g., /Users/(username)/Library/Mail/V10/
1234.emlx.
  8. Dragging and dropping a Mail.app message onto the BBEdit icon in the dock yields the subject line of the email message.
  9. Dragging and dropping a Mail.app message onto the BBEdit icon in the dock while holding the option key opens the source of the emlx file.
  10. I have not tried to see what happens in an older version of macOS.
  11. I saw other behaviors with other apps that also surprised me.

Good luck to anyone who wants to pursue further!

6 Likes

What about taking a screenshot of the email, save it as a .jpg to the desktop, and then drop it onto a Photoshop icon in the dock? (too scared to try it myself)

(edited to add that each of these choices creates a new folder 16 levels deep somewhere inside /Users/Library/Mail/V10/E45-33JIL3-FF353KLS-83/Data/8/3/5/Messages
)

1 Like

That shouldn’t do anything suspicious at all. Nothing not visible in the screenshot will be in the .jpg file except the usual .jpg metadata. Unless there’s something hidden steganographically in an image in the email. all you should get is a simple screenshot—and even steganographic data won’t do anything in Photoshop unless you use a plug-in that reads and writes steganography (or it’s a really simple form of steganography that’s readable to the human eye with a basic filter or channel separation).

1 Like

Thank you, Adam, for allaying my fear of malicious mails.

The reason for this was a mail from from an entity called N26 with the subject line “Action required: Update your contact information”, which sounded very much like phishing since I had no idea who or what N26 was. The trick with the mail source text did not bring much mostly because almost all of the mail was images and html code but not much readable text.

After some searches it turned out that N26 is a more or less shady German bank that exists only on the net. It is even written up in Wikipedia. I have never had anything to do with it, though it may be handy for laundering money.

Quite an impressive list of combinations of keys and actions that might display the source code of a mail. Some work.

2 Likes

It does sound like phishing, but all you need to do is mark it as spam and move on. Life’s too short to analyze every dodgy email. :slight_smile:

As you saw, being able to read the text of a message often isn’t helpful because spam may try to sidestep filters by putting the text in an image.

1 Like

I suppose I should assume that Apple Mail doesn’t have a quick menu item for this?

In Thunderbird, I can select View → Message Source (⌘U) to view any message’s raw source.

2 Likes

“I should assume that Apple Mail doesn’t have a quick menu item for this?” It is usually wrong to “assume” most anything.

Apple goes to great lengths to use the option, control and command keys for all kinds of app-specific operations, to wit: To see the raw text of a message in Mail try “option-command-u”. :+1:
As originally recommended by Tom Gewecke tom3.

4 Likes

@xairbusdriver beat me to it
⌄ ⌘ u

or just View All Headers
⇧ (Shift) ⌘ H

3 Likes

Thanks. I don’t use Apple Mail on my Mac, so I can’t test it, and was wondering why this command wasn’t one of the first replies to the original question.

Fair point. I was assuming the original poster was interested in manipulating the message source in an actual text editor, rather than simply viewing it in Mail.app.

Of course, we all know what happens when we assume things. :rofl:

2 Likes

If you like using menus rather than the keyboard:

From the Mail menu bar, do View>Message>Raw Source.

1 Like

I have found that “View All Headers” often does not, in fact, display all of the headers. It tends to hide extra sender- and recipient-related headers beyond the basic “To:”, “From:” and “Cc:” fields, and sometimes it hides some of the “Received:” headers that can be vital to determining a message’s true origin. “View Raw Source” will consistently display all of the headers, so I normally just go straight to that.

Of course, I bother to do that only if an email purports to be from someone I actually expect to get email from and looks legit on the face of it but contains suspicious content. I’ve recently had a spate of emails purporting to be from PayPal regarding money requests and invoices for transactions I never participated in. (For the record, I never do purchases directly via PayPal. It’s always using PayPal through the actual store’s checkout process. These transactions never result in money requests or PayPal invoices, just an email confirmation (in plain text!) of who and how much.) After verifying the first couple as definitely being not from PayPal and reporting them, I just send them straight to junk now.

3 Likes

Apologies! I sometimes forget that not everyone recognizes my attempts at humor via sarcasm.

2 Likes

Sarcasm is hard to convey in written text. But in this case, it’s not so much about me missing the humor as me preemptively helping the others that I know for certain won’t recognize it as humor. These days, so many people know little about the underpinnings of this stuff we use daily, and I’d rather ruin a joke than see people start to get paranoid about screenshots of suspicious emails.

2 Likes