Free Email Header Analyzer

Paste raw email headers to trace the delivery route, verify SPF/DKIM/DMARC authentication, and identify the sender's origin IP.

How to Get Email Headers

Gmail

Open the email → click the ⋮ menu (top right) → Show original. Copy the header block.

Outlook

Open the email → File → Properties. The headers are in the "Internet headers" box at the bottom.

Yahoo Mail

Open the email → click More → View raw message. The headers are at the top of the raw content.

Apple Mail

Open the email → View menu → Message → All Headers.

What Email Headers Tell You

🗺️

Routing Path

Each "Received" header shows a server the email passed through, with timestamps. This traces the email's journey from sender to your inbox.

🔐

SPF Authentication

Sender Policy Framework verifies that the sending server is authorized to send email for that domain. A "pass" means the server is legitimate.

✍️

DKIM Signature

DomainKeys Identified Mail adds a cryptographic signature to prove the email wasn't tampered with during transit.

📋

DMARC Policy

Domain-based Message Authentication tells receiving servers what to do if SPF or DKIM fails — reject, quarantine, or allow.

🌐

Sender IP

The originating IP address reveals where the email actually came from, helping identify spoofed or suspicious messages.

⏱️

Delivery Timing

Timestamps on each hop reveal how long the email spent at each server, helping diagnose delivery delays.

Is This Email Legitimate?

Check three things in the analysis results. First, SPF should show "pass" — this means the sending server is authorized. Second, DKIM should show "pass" — this proves the email wasn't altered. Third, the "From" domain should match what you expect. If any of these fail, the email might be spoofed or fraudulent.