Email Header Analyzer
Paste raw email headers to decode authentication results, trace the delivery path, and check sender alignment — entirely in your browser.
What Are Email Headers?
Every email carries a set of metadata fields called headers. These are normally hidden from the recipient but contain critical information: who sent the message, which servers handled it, and whether it passed authentication checks like SPF, DKIM, and DMARC. Headers are defined primarily in RFC 5322 (Internet Message Format).
How to Find Raw Headers
Each email client exposes raw headers differently:
| Client | Steps |
|---|---|
| Gmail | Open the message, click the three-dot menu (⋮), select "Show original". |
| Outlook (web) | Open the message, click "…" → "View" → "View message source". |
| Apple Mail | Open the message, go to View → Message → All Headers (or ⌥⌘U for raw source). |
| Thunderbird | Open the message, go to View → Message Source (Ctrl+U). |
What Authentication-Results Tells You
The Authentication-Results header (defined in RFC 8601) is added by the receiving mail server and summarizes the authentication checks it performed. It reports verdicts for SPF, DKIM, DMARC, and optionally ARC. A pass verdict means the check succeeded; a fail means the message did not authenticate properly for that protocol.
Understanding the Received Chain
Each server that handles the message adds a Received: header. Reading these from bottom to top traces the message's path from origin to destination. Long delays between hops can indicate routing issues, greylisting, or content scanning. Clock skew between servers occasionally produces negative delays, which are harmless but worth noting.
Get the full picture with DMARCguard
Continuous monitoring, aggregate report parsing, and actionable insights for all your email authentication protocols.
Start Free