In principle, absolutely everything in the e-mail is both visible and modifiable.
E-mail related standards are notoriously ignorant about any kind of protection against any kind of forgery. All you can do is encryption.
However, you can hide some data (such as something you want to process as meta-data) the way some e-mail agent will not show. This is all you can do. With a little effort and minimal qualification anyone can get an e-mail using lower-level (for example, by acting as a client of SMTP server directly) and read a raw e-mail with all headers, "hidden" or not. The e-mail in its raw format is exactly the same as .EML file, so if someone is using a e-mail client which can save a message as .EML will also see all the raw data.
So, I'm not sure you want to waste time on it. If you want — this is pretty usual activity. There are so many such "meta-data" headers for doing that. For example, I found the header "X-Facebook" :-). You can add something like that on your own — all available e-mail software will simply ignore it and pass as is.
Again,
there is nothing to protect it from access.
Now,
what about encryption?
With encryption you can make it visible and modifiable, but interpretation (deciphering) would be impossible. With
public-key encryption you can use the principle of
digital signature which also would make the forgery of the "secret" meta-data impossible. At least if this header is removed, you can detect it as well as the attempt of mangling (forging) of this piece of data.
If you're interested in such encryption, read:
http://en.wikipedia.org/wiki/Public-key_cryptography[
^],
http://en.wikipedia.org/wiki/Digital_signature[
^].
[EDIT]
About the use of MAPI; can these articles help you:
Using MAPI properties and events in .NET with the MAPI Store Accessor[
^],
Simple MAPI.NET[
^]?
I believe you will be able to find a lot more on this topic.
—SA