MailSlurp logo

Free email header analyzer

Free email header analyzer for SPF, DKIM, DMARC, and routing

Paste raw email headers into a free email header analyzer to parse SPF, DKIM, DMARC, Received hops, sender identity, and delivery evidence during incident triage.

Run a free header analysis

Paste raw headers and inspect the message path

Paste the full raw header block from a received message. The analyzer summarizes sender-policy verdicts, routing hops, and the rest of the parsed header map.

Public header analysis is one-shot only. Use repeatable inbox testing for broader release workflows.

Best fit

Use this when one message needs real forensics

This page is strongest when a team already has a suspicious message and needs to understand what actually happened before escalating the incident.

  • Explain auth failures with raw header evidence
  • Find relay delays in the Received chain
  • Map sender identity fields before opening remediation

Upgrade path

Pair header analysis with repeatable testing

A parsed header explains one message. Production confidence comes from combining that evidence with repeatable inbox, auth, and content checks.

  • Run sender-auth checks before launches
  • Use inbox testing for controlled validation
  • Keep delivery triage grounded in message evidence
Open deliverability workflow

Key details

Primary use

Header parsing

Turn raw headers into a structured summary before starting incident review.

Auth view

SPF / DKIM / DMARC

See the sender-policy outcomes that usually explain why trust or alignment broke.

Route view

Received chain

Inspect relay hops and timing to locate delay or routing anomalies more quickly.

Output

Parsed headers

Keep the original evidence visible in a grouped format that is easier to review and share.

What this checks

A strong email header analyzer should surface the high-signal fields first

Header dumps are only useful when the important signals are made obvious. This analyzer emphasizes sender-policy verdicts, routing hops, and identity fields before the rest of the header map.

Auth

Verdict summary

Start with SPF, DKIM, and DMARC outcomes before chasing lower-signal clues.

Routing

Hop chain

See the path through receiving systems and identify suspicious or slow relays.

Identity

From vs return-path

Compare visible sender identity and envelope domains during alignment review.

Evidence

Parsed headers

Keep the raw header families available for deeper review once the summary points to a likely cause.

Triage order

Read the parsed headers in the order that resolves incidents fastest

Most message-header investigations do not need every field at once. Start with authentication, then trace the route, then compare sender identity fields before changing DNS or provider settings.

1. Authentication

Check SPF, DKIM, and DMARC results first so sender-policy failures are not mistaken for content or routing issues.

2. Received chain

Follow the relay path and timestamps to find queue delay, unexpected hops, or provider handoff problems.

3. Sender identity

Compare From, Return-Path, Reply-To, and DKIM signing domains when alignment looks suspicious.

4. Next tool

Move into SPF, DKIM, DMARC, spam, or inbox-placement checks once the header evidence points to a likely owner.

Operational use

Best used during incident triage and change review

Searchers usually want an email header analyzer because a message misbehaved, not because they want generic documentation. Treat this page as the first forensic step after a suspicious receipt outcome.

Delivery incidents

Parse the suspicious message first so SPF, DKIM, DMARC, and hop delays are visible before the incident expands into guesswork.

Post-migration review

Inspect headers after provider changes to confirm the new sender path is producing the expected auth and routing evidence.

Security or support escalation

Share a structured header summary instead of a raw dump when multiple teams need to review the same message quickly.

Related tools

SPF checker

Validate the published SPF record when Authentication-Results shows sender-policy problems.

Open tool

DKIM checker

Confirm the selector and DNS record behind a DKIM verdict in the headers.

Open tool

Email spam checker

Pair header forensics with broader spam-risk diagnostics before escalating a deliverability issue.

Open tool

Inbox placement test

Use controlled inbox testing when you need repeatable placement and receipt validation, not just one message analysis.

Open tool

FAQ

What does this email header analyzer extract?

This email header analyzer parses raw RFC 5322 headers, summarizes SPF, DKIM, and DMARC results, maps the Received chain, and groups the remaining headers so incident review starts from a structured output instead of a wall of text.

When should I analyze email headers?

Use header analysis during delivery incidents, after infrastructure changes, or when a message lands unexpectedly. Headers are usually the fastest source of truth for auth, routing, and timing questions.

What is the most important part of the result?

Start with Authentication-Results and the Received chain. That usually tells you whether the message failed sender policy, took an unexpected route, or encountered delays between relays.

Does this replace deliverability testing?

No. Header analysis explains what happened to a specific message. It is strongest when paired with sender-auth checks and controlled inbox testing for repeatable validation.