Email Header Analyzer

Analyze email headers to trace source and routing

Tip: In Gmail, click "Show original" in the message menu

About Email Headers

Email headers contain metadata about an email including sender information, routing path, authentication results, and timestamps. Analyzing headers helps trace email origin, detect spoofing, and troubleshoot delivery issues.

What is an Email Header Analyzer?

An email header analyzer parses the raw technical metadata embedded in every email — the "From", "To", "Received", "Message-ID", and authentication headers that email clients normally hide. These headers reveal the exact path an email took from sender to inbox, which mail servers handled it, and whether it passed authentication checks like SPF, DKIM, and DMARC.

Raw email headers are essential for diagnosing email delivery problems, identifying spam sources, verifying email authenticity, and investigating phishing attempts.

How to Use the Email Header Analyzer

  1. Open the email in your client (Gmail, Outlook, Apple Mail) and access the raw/original message source.
  2. In Gmail: click the three-dot menu → "Show original". In Outlook: File → Properties → Internet headers.
  3. Copy the entire header block (everything above the email body).
  4. Paste the headers into the analyzer above and click Analyze Headers.
  5. Review the parsed results showing sender IP, mail server hops, SPF/DKIM status, and delivery timestamps.

When Would You Use This?

IT administrators and email security teams use header analysis to troubleshoot delivery failures — headers show exactly which server rejected or delayed a message. When an email takes 30 minutes to arrive, the Received timestamps in the header reveal which hop caused the delay.

Security professionals use header analysis to investigate phishing emails: the headers reveal the true sending IP address even if the "From" display name is spoofed. Checking SPF and DKIM pass/fail status confirms whether the claimed sending domain actually authorized the message.