Email Infrastructure // Online

Email Header Analyzer.

An email header analyzer parses the raw metadata attached to every email message to reveal its complete delivery path from sender to recipient. By pasting headers from Gmail, Outlook, or any email client, this free tool extracts every server hop with timestamps to identify routing delays, verifies SPF, DKIM, and DMARC authentication results to confirm whether your emails pass security checks, and highlights issues like failed authentication or suspicious delays that could be sending your messages to spam. All processing runs entirely in your browser, so no sensitive header data is ever transmitted to a server.

Email Infrastructure
Analyze Headers Book a Strategy Call
Free Tool
HEADERS
System Active
Raw Email Headers
Save & Share Your Results

Enter your email to receive a copy of your results and share them with your team.

We will only use your email to share your results. No spam.
How to Use

Get Started in 3 Steps

Step 01

Paste Email Headers

Copy the raw headers from your email client (Gmail: three-dot menu → Show original, Outlook: File → Properties → Internet Headers, Apple Mail: View → Message → All Headers) and paste them into the text area.

Step 02

Analyze the Headers

Click "Analyze Headers" to parse the complete routing chain, authentication results, and metadata fields. You can also load sample headers to see how the tool works before pasting your own.

Step 03

Review the Results

Check the routing chain for delivery delays — hops highlighted in red took more than 5 seconds, yellow between 1-5 seconds. Verify that SPF, DKIM, and DMARC all show "pass" status. Review any warnings or issues flagged by the analyzer for actionable next steps.

How It Works

Under the Hood

The analyzer first unfolds and normalizes the raw header text. In email standards (RFC 5322), long header lines can be split across multiple lines by starting continuation lines with whitespace — the tool joins these back together into single logical headers. It then builds a case-insensitive header multi-map, grouping all values for headers that appear multiple times (like Received).

Next, the tool parses each Received header to extract the routing chain. Since Received headers appear in reverse chronological order (newest first), the tool reverses them to reconstruct the actual delivery path. For each hop, it extracts the sending and receiving server names and IP addresses, the protocol used, and the timestamp. It then calculates the delay between consecutive hops to identify where bottlenecks occurred in the delivery pipeline.

Authentication results are extracted from multiple header sources. The tool parses the Authentication-Results header for SPF, DKIM, and DMARC verdicts, falls back to the Received-SPF header for SPF results if needed, examines DKIM-Signature headers for signing details (selector, domain, algorithm), and checks for ARC (Authenticated Received Chain) headers used in forwarding scenarios.

All processing runs entirely in your browser using client-side JavaScript — no email header data is ever sent to any server. This ensures the privacy and security of potentially sensitive routing and authentication information contained in your email headers.

FAQ

Frequently Asked Questions

What are email headers and what information do they contain?
Email headers are metadata lines prepended to every email message by each mail server it passes through during delivery. They contain routing information in the form of Received headers (one per server hop showing server names, IP addresses, and timestamps), authentication results for SPF, DKIM, and DMARC, sender and recipient addresses (From, To, Reply-To), the message subject, date, Message-ID, and MIME content type declarations. Headers also include X-headers added by spam filters, mailing list software, and other processing systems. Reading headers from top to bottom shows them in reverse chronological order — the topmost Received header was added last, by the receiving server closest to the recipient.
How do I find and copy the raw headers from my email?
In Gmail, open the message, click the three-dot menu in the top-right corner, and select "Show original" — this opens a new tab with the full raw headers you can copy. In Outlook desktop, open the message, go to File → Properties, and the headers appear in the "Internet Headers" text box at the bottom. In Outlook on the web, click the three-dot menu → View → View message source. In Apple Mail, select the message, then go to View → Message → All Headers (or press Option+Command+U for raw source). Most other email clients have a similar "View Source" or "Show Headers" option in their message menus. Copy the entire header block — everything above the blank line that separates headers from the message body.
What do the Received headers tell me about email routing?
Each Received header represents one hop in the email's journey from the sender's mail server to your inbox. They appear in reverse chronological order, so the first Received header at the top was the last server to handle the message (usually the recipient's mail server), and the last one at the bottom was the first server (the sender's outgoing server). Each hop records the server name and IP address of both the sending and receiving server, the protocol used (ESMTP, ESMTPS for encrypted), and a timestamp. By comparing timestamps between consecutive hops, you can calculate the transit delay at each point — this reveals where bottlenecks are occurring, such as a spam filter taking 30 seconds to scan a message or a server experiencing congestion.
How does SPF, DKIM, and DMARC authentication work in email headers?
SPF (Sender Policy Framework) verifies that the sending server's IP address is authorized to send email for the domain in the envelope From address — the result appears in the Authentication-Results or Received-SPF header as pass, fail, softfail, or neutral. DKIM (DomainKeys Identified Mail) uses cryptographic signatures to verify that the email content and key headers were not modified in transit — the sending server signs the message with a private key, and the receiving server validates it against a public key published in DNS. DMARC (Domain-based Message Authentication, Reporting and Conformance) ties SPF and DKIM together by requiring at least one to pass with domain alignment, and specifies a policy (none, quarantine, or reject) for messages that fail. All three results are recorded in the Authentication-Results header by the receiving mail server.
Why is my email showing delays between hops?
Delays between hops can be caused by several factors. Greylisting is a common cause — the receiving server temporarily rejects the first delivery attempt, forcing the sender to retry after a delay (usually 5-15 minutes). Content scanning and spam filtering can add 1-30 seconds depending on the complexity of the analysis and server load. DNS lookup issues or timeouts on the receiving server can cause delays as it tries to verify SPF records or reverse-DNS the sending IP. Server-side rate limiting may queue your message if the sender has already delivered a high volume recently. Our analyzer flags delays over 5 seconds in red and delays between 1-5 seconds in yellow to help you quickly identify problem hops.
Related Tools

Explore More Tools

Email Infrastructure

Domain Health Checker

Run a comprehensive health scan combining SPF, DKIM, DMARC, MX, and blacklist checks in one report.

Advanced Live
Try Tool →
Popular
Email Infrastructure

Email Blacklist Checker

Check if your IP or domain is listed on 50+ email blacklists that could be hurting deliverability.

Standard Live
Try Tool →
Popular
Email Infrastructure

SPF Record Generator & Validator

Generate and validate SPF records for your domain to improve email deliverability and prevent spoofing.

Standard Live
Try Tool →
Need Expert Help?

We Build Enterprise Email Infrastructure

Our Email Infrastructure Setup service handles email authentication configuration, deliverability optimization, and ongoing monitoring. Starting at $5K for complete email infrastructure setup.

Learn About Email Infrastructure Setup
Related Articles

Learn More

Cold Email Deliverability: Why Your Emails Land in Spam

Diagnose the five root causes of deliverability failures — authentication, volume, content, engagement, and list quality.

Read Article →

How to Build Cold Email Infrastructure That Scales

Domain procurement, DNS configuration, and sending architecture for high-volume outbound.

Read Article →