Paste raw email headers to analyze SPF, DKIM, DMARC authentication results, routing hops, and sender details.
How to get email headers
Gmail: Open message → More (3 dots) → Show original → Copy to clipboard
Outlook: Open message → File → Properties → Internet headers
Apple Mail: View → Message → All Headers
Email Header Analyzer: Decode and Diagnose Your Email Headers
Email headers contain a complete record of every server that handled your message, every authentication check that was performed, and every spam filter that evaluated it. Analyzing headers is the most direct way to diagnose why a message was delayed, why it went to spam, or why authentication is failing.
What Email Headers Contain
Every email carries two parts: the visible message body and headers, and a set of technical headers mostly hidden from recipients. These hidden headers contain: the delivery path (Received: chain), authentication results (Authentication-Results:), spam scores (X-Spam-Score:, X-Spam-Status:), DKIM signatures (DKIM-Signature:), the sending client (X-Mailer:), message ID (Message-ID:), and timestamps at each hop.
Reading the Received: Chain
The Received: headers trace the message from sender to recipient. Crucially, headers are prepended — each new server adds its header at the top. To read the delivery path chronologically, read the Received: headers from bottom to top. The timestamp difference between consecutive Received: headers shows how long each server took to process the message. A large gap (minutes or hours) at a specific hop usually indicates a queue backup or spam filtering delay at that server.
Authentication-Results: Interpreting SPF, DKIM, and DMARC
The Authentication-Results: header, added by the final receiving server, summarizes all authentication checks. Look for spf=pass, dkim=pass, and dmarc=pass. Any fail indicates an authentication problem. If dkim=fail, check your DKIM record. If spf=fail, check your SPF record. If dmarc=fail, use the DMARC Checker.