A commmon file extension for e-mail files

message/rfc822

Safe

Magic Bytes

Offset: 0
23 21 20 72 6E 65 77 73

The Email Message (EML) format is a standardized text-based structure defined by the Internet Engineering Task Force (IETF) according to RFC 822 and RFC 5322 specifications. It is primarily used by clients like Microsoft Outlook and Mozilla Thunderbird to archive individual messages, preserving original headers, body content, and attachments. Although the plain text format is inherently safe, the inclusion of active HTML content or malicious attachments necessitates standard security protocols when opening files from unknown sources.

Extension

.eml

MIME Type

message/rfc822

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .eml files in Python

Python 
def is_eml(file_path: str) -> bool:
    """Check if file is a valid EML by magic bytes."""
    signature = bytes([0x23, 0x21, 0x20, 0x72, 0x6E, 0x65, 0x77, 0x73])
    with open(file_path, "rb") as f:
        return f.read(8) == signature

How to validate .eml files in Node.js

Node.js 
function isEML(buffer: Buffer): boolean {
  const signature = Buffer.from([0x23, 0x21, 0x20, 0x72, 0x6E, 0x65, 0x77, 0x73]);
  return buffer.subarray(0, 8).equals(signature);
}
Go 
func IsEML(data []byte) bool {
    signature := []byte{0x23, 0x21, 0x20, 0x72, 0x6E, 0x65, 0x77, 0x73}
    if len(data) < 8 {
        return false
    }
    return bytes.Equal(data[:8], signature)
}

API Endpoint

GET /api/v1/eml
curl https://filesignature.org/api/v1/eml

Related Formats

.drw .jceks .lnn .mime .ast .pf .bli .distz .syw