Parse and analyze email message headers for delivery issues.
What is Email Header Analyzer?
Email Header Analyzer parses raw email headers to trace the delivery path, check authentication results (SPF, DKIM, DMARC), and identify the sending server. Essential for diagnosing delivery problems and investigating phishing emails.
How to use this tool
Copy the full email headers from your email client (usually "Show Original" or "View Source").
Paste the headers into the tool.
See parsed results: From, To, Subject, and hop count.
Review the mail route — each server hop with timestamps.
Frequently asked questions
How do I find email headers?
In Gmail: open the email, click three dots, "Show original". In Outlook: open the email, File > Properties > Internet Headers. In Apple Mail: View > Message > Raw Source. Copy everything and paste into the tool.
What do SPF/DKIM/DMARC results mean?
Pass means authentication succeeded — the email is legitimate. Fail means it didn't pass — could be spoofed or misconfigured. If all three fail, treat the email with suspicion.
Can headers reveal a phishing email?
Yes. Check the Received headers — they show the actual sending server, which may differ from the From address. Authentication failures (SPF/DKIM fail) are strong indicators of spoofing.
Why are there multiple Received headers?
Each mail server that handles the message adds a Received header. The bottommost one is the originating server. Reading from bottom to top traces the email's journey from sender to your inbox.