Pasting only part of the headers
The analyzer needs the whole header block above the message body, including the Received and Authentication-Results lines. Use your client's show original or view source option and copy everything.
// free tool, no signup
Free Email Header Analyzer
Paste the raw headers from any email to trace its delivery path hop by hop, see where time was lost, and read the SPF, DKIM, and DMARC results the receiving server recorded. Parsing happens entirely in your browser, so nothing you paste is uploaded or stored.
What an email header analyzer does
Every email carries a block of headers that records how it traveled and how it was authenticated. This analyzer parses that block locally and lays it out clearly: the Received hops from the origin server to your mailbox, the delay at each step, the Authentication-Results the receiver stamped for SPF, DKIM, and DMARC, and key fields like From, Return-Path, Subject, and Message-ID. It is the fastest way to answer why a message landed in spam, where a delay came from, or whether a message claiming to be from a brand actually authenticated. Open your email client's view raw or show original option, copy everything above the message body, and paste it in.
How to read your result
- Authentication results
The SPF, DKIM, and DMARC verdicts the receiving server recorded. pass is what you want. A fail, softfail, or none on the domain that should authenticate is a deliverability red flag worth chasing down.
- Delivery path (Received hops)
Each Received line is one server that handled the message. They are written newest first in the raw headers, so the analyzer reverses them to show the real order, from the origin to your mailbox.
- Hop delays
The time between consecutive hops. A single hop holding the message for many seconds or minutes usually points to greylisting, a queue, or a slow relay, a common cause of mail that arrives late.
- From versus Return-Path
From is the visible sender; Return-Path is the envelope sender that SPF checks. When they differ, alignment matters for DMARC, and a mismatch can explain an authentication failure.
- Message-ID and Date
The unique identifier assigned when the message was sent and the time it was created. Both are useful when tracing one specific message in server logs or with a provider's support.
Common problems and fixes
No Authentication-Results header
Some internal, forwarded, or self-sent mail never gets stamped with an Authentication-Results header. If it is missing, the receiving server did not record one, or it was left out of what you pasted.
A large delay on one hop
If one step shows a long gap, the message was held there. Greylisting deliberately delays first-time senders, and a backed-up queue does the same. Repeated delays at the same hop are worth investigating.
SPF passes but DMARC fails
This usually means alignment: SPF passed for the Return-Path domain, but that domain differs from the visible From domain, so DMARC does not count it. DKIM aligned to the From domain fixes this.
Forwarded mail breaking authentication
Forwarding rewrites the delivery path, which often breaks SPF and can break DKIM if the message is modified. A header trace shows where the forward happened and which checks survived it.
// FAQ
Questions, answered.
How do I get an email's headers?
In Gmail, open the message and choose Show original. In Outlook, open the message and use View message details, or File then Properties. In Apple Mail, use View then Message then All Headers. Copy everything shown and paste it here.
Is anything I paste uploaded?
No. The headers are parsed entirely in your browser with no signup, and nothing is sent to a server or stored. You can use it safely with real, private messages.
How do I read the delivery path?
The hops are shown in real order, from the origin server at the top to your mailbox at the bottom, with the delay at each step. A long delay on one hop is where the message was held up.
What do the SPF, DKIM, and DMARC results mean?
Why was my email delayed?
Look at the per-hop delays in the delivery path. A gap of seconds or minutes at one hop points to greylisting, a queue, or a slow relay. Consistent delays at the same server are worth raising with that provider.
// before you hit send