Email Header Analyzer Tool - Received Chain, SPF/DKIM/DMARC, and Authentication-Results Inspector

First Published: 2026-04-28
Last Updated: 2026-04-28

Free Email Header Analyzer for raw email headers. Visualize the Received chain with delivery delays, parse SPF / DKIM / DMARC verdicts from Authentication-Results, decode every DKIM-Signature tag, and inspect List-Unsubscribe / Return-Path / Reply-To. All processing happens entirely within your browser — your headers never leave your device.

This tool parses pasted headers offline. It does not query DNS to re-verify SPF/DKIM signatures — it only interprets the verdicts that upstream MTAs already recorded in Authentication-Results.

This tool is provided "AS IS" without any warranties of any kind.
The author accepts no responsibility for misinterpretation of headers, missed indicators, or any decisions made on the basis of this output.
Header analysis is not a substitute for DNS-based revalidation of SPF, DKIM, or DMARC records.
Never paste headers from a real production message that may contain confidential routing information unless you trust the privacy model of this tool.
By using this tool, you accept full responsibility for any outcomes.

Privacy: This tool uses client-side JavaScript for all processing. No data is transmitted to servers, no headers are uploaded online, all processing happens locally in your browser. Once loaded, this tool continues to work even without an internet connection. For more details, please refer to our Web Tools Disclaimer.

Paste raw email headers (everything from the first Delivered-To: / Received: line down to the blank line before the body):

Load Example:

Basic Information

Received Chain (sender → recipient)

#	From	By	With	Timestamp	Delay

Authentication-Results (SPF / DKIM / DMARC)

DKIM-Signature

List / Unsubscribe Headers

Bulk / Auto-Submitted Signals

All Parsed Headers (raw)

Features

RFC 5322 Compliant Parsing: A line-based state machine unfolds continuation lines (those starting with SP or HTAB) and stops cleanly at the body separator.
Received Chain with Per-Hop Delay: Reverses the trace fields so the chain reads from the original sender to the final recipient, computes the delay between each hop, highlights the slowest hop, and reports total transit time.
Authentication-Results (RFC 8601): Extracts every method=result verdict (spf, dkim, dmarc, arc, etc.) plus the reason= text and all ptype.property=value pairs, displayed with color-coded badges (pass / fail / softfail / neutral / none / temperror / permerror).
DKIM-Signature Tag Decoding: Splits the header into its constituent tags — v, a, c, d, s, i, t, x, h, bh, b, l, q, z — with a plain-language description of what each tag means.
Mailing List & Bulk Detection: Surfaces List-Unsubscribe, List-Id, List-Help, Precedence, Auto-Submitted, X-Mailer, X-Campaign, and Feedback-ID as bulk-send / mailing-list signals.
Basic Field Extraction: Pulls From, To, Cc, Subject, Date, Message-ID, Return-Path, and Reply-To into a tidy table.
JSON Export: Download the full structured analysis (or copy it to your clipboard) for inclusion in reports, tickets, or post-mortems.
Built-in Examples: One-click sample headers for normal delivery and for SPF fail, DKIM fail, and DMARC reject scenarios.
100% Client-Side: Vanilla JavaScript with zero external dependencies. No fetch, no XMLHttpRequest, no DNS lookups.
Works Offline: Once loaded, the tool keeps working without an internet connection.

How to Use

Get the raw headers. In Gmail use "Show original", in Outlook "View message source", in Apple Mail "View → Message → All Headers", or just save the message as .eml and copy the lines above the first blank line.
Paste them into the textarea. The tool reads everything from the first non-blank line up to the first empty line (the RFC 5322 header/body separator).
Click "Analyze Header". The tool unfolds continuation lines, parses every header, and renders all output sections.
Inspect the Received chain. Hops appear in chronological order with per-hop delays. The slowest hop is highlighted, and the total transit time is shown above the table.
Read the Authentication-Results block. Each method=result verdict is shown with a color-coded badge. Reasons and identity properties (header.from, smtp.mailfrom, header.s, …) appear next to the badge.
Decode DKIM-Signature. Every tag is shown with its value and a plain-language description, so the meaning of d=, s=, bh=, and b= is explicit.
Export. Click "Download JSON" to save the full analysis, or "Copy JSON" to paste it into a ticket or runbook.
Try the examples. Pick one from the dropdown to see what each verdict looks like before pasting your own headers.

Important Notes

This tool reflects what was already recorded in the headers; it does not re-validate SPF, DKIM, or DMARC against live DNS. If the header was forged after the original verifying MTA wrote it, this tool will faithfully show the forged values. For authoritative re-verification, query the published SPF / DKIM / DMARC DNS records directly.
Per-hop delays are derived from the timestamps written by each MTA. If a server's clock is wrong, the delay for that hop will be wrong (and may be negative). The "slowest hop" highlight ignores negative delays.
The tool unfolds continuation lines per RFC 5322 §2.2.3, so multi-line Received, DKIM-Signature, and Authentication-Results values are parsed as a single logical header.
For DKIM-Signature, whitespace inside the b= and bh= Base64 values is ignored as RFC 6376 §3.5 specifies.
If you are configuring sending domains on AWS, see the related article Setting up DKIM, SPF, and DMARC for Amazon SES on Route 53 for end-to-end DNS configuration that produces the kind of pass verdicts this tool will display.
Never paste headers that contain sensitive routing information (internal hostnames, customer addresses, bounce IDs) into any online tool you do not fully trust. This tool runs entirely in your browser and does not transmit data, but you should still review what you paste.

References:
Tech Blog with curated related content
Web Tools Collection

Written by Hidekazu Konishi