3,932 Australian domains analysed. Most fail basic email authentication. [2026 Report]

Email Header Analyzer

Parse authentication results, routing hops, and delivery delays from raw email headers

Paste Email Headers

What this tool checks

  • SPF, DKIM, DMARC pass/fail results
  • Routing hops and server names
  • Delivery delays between each hop
  • Message metadata (from, to, subject, date)

How to get headers

Gmail: Open email, click ... menu, select "Show original"
Outlook: Open email, click ... menu, select "View message source"
Apple Mail: View menu, then "Message" and "All Headers"

Want automated management?

DMARC Busta's Autopilot manages SPF, DKIM, and DMARC automatically with AI-powered decisions.

Get Started Free

What Are Email Headers?

The hidden metadata that reveals how your email was authenticated, routed, and delivered

Email headers are metadata attached to every email message. They are added automatically by mail servers as a message travels from sender to recipient, and they contain critical information about the message's origin, routing path, and authentication status.

Headers include timestamps showing when each server processed the message, routing details that reveal the path the email took across the internet, and delivery diagnostics that help identify delays or misconfigurations. For IT managers and business owners, headers are the primary tool for debugging email delivery issues.

Most importantly, email headers contain authentication results. The receiving mail server records whether the message passed or failed SPF, DKIM, and DMARC checks. These results tell you whether your email authentication is configured correctly and whether messages are being accepted, quarantined, or rejected by receiving servers.

Example Auth Header
Authentication-Results:
  mx.google.com;
  dkim=pass header.d=example.com;
  spf=pass smtp.mailfrom=example.com;
  dmarc=pass header.from=example.com

Key Facts

1
Added automatically by each mail server
2
Read bottom-to-top (oldest hop first)
3
Contain SPF, DKIM, and DMARC verdicts
4
Essential for debugging delivery issues

What This Tool Analyses

A comprehensive breakdown of your email's authentication, routing, and delivery

Authentication Results

Extracts SPF, DKIM, and DMARC pass/fail verdicts from the Authentication-Results header. Quickly see whether your email authentication is working as expected or needs attention.

Message Routing

Maps every server hop the message passed through, from the sending server to the final destination. Each hop shows the server name, IP address, and protocol used.

Delivery Timing

Calculates the delay between each server hop, highlighting bottlenecks where messages are being held up. Useful for diagnosing slow email delivery.

Header Integrity

Parses and displays all headers in a structured format, making it easy to spot missing fields, unusual entries, or signs of message tampering.

How to Find Email Headers

Step-by-step instructions for the most popular email clients

Gmail

  1. 1 Open the email you want to analyse
  2. 2 Click the ... menu (top-right)
  3. 3 Select "Show original"
  4. 4 Copy the headers and paste above

Microsoft Outlook

  1. 1 Open the email message
  2. 2 Desktop: File > Properties
  3. 3 Web: ... > "View message source"
  4. 4 Copy from "Internet Headers" box

Apple Mail

  1. 1 Open the email in Apple Mail
  2. 2 Go to View menu
  3. 3 Select "Message" > "All Headers"
  4. 4 Or use View > "Raw Source"

Understanding Authentication Results

pass

Check succeeded. The sender is authenticated and authorised.

fail

Check failed. The message should be rejected or quarantined.

softfail

Not explicitly authorised. Often indicates an incomplete SPF configuration.

Frequently Asked Questions

How do I find email headers?
Each email client has a different method for accessing headers. In Gmail, open the email and select "Show original" from the three-dot menu. In Microsoft Outlook, open the message properties to find the "Internet Headers" section. In Apple Mail, use the View menu to enable "All Headers". Copy the full header text and paste it into the analyser above.
What does "spf=softfail" mean?
An SPF softfail means the sending server's IP address is not listed as an authorised sender in your SPF record, but the record uses ~all rather than -all, so it is not explicitly forbidden. This typically means your SPF record is missing an include or IP entry for the service that sent the email. Check your SPF record and add the missing mechanism.
Why did my email fail DKIM?
DKIM failures are usually caused by one of three issues: the DKIM public key in your DNS does not match the private key used to sign the message, the message was modified in transit (by a mailing list, forwarding service, or security gateway), or DKIM is not configured for the sending service. Check that your DKIM DNS record is published correctly and that the signing domain matches the From address.
What is the Authentication-Results header?
The Authentication-Results header is added by the receiving mail server after it evaluates the message against SPF, DKIM, and DMARC policies. It contains the pass or fail verdict for each check, along with details such as the sending IP address and the signing domain. This header is the single most important piece of information for diagnosing email authentication issues.

Related Tools

More free tools to secure your email authentication

Domain Scanner

Full security scan across SPF, DKIM, DMARC, and more.

SPF Checker

Validate your SPF record and check DNS lookups.

DKIM Generator

Create DKIM key pairs for email signing.

DMARC Generator

Generate a DMARC policy to protect against spoofing.

Monitor Your Email Authentication

Stop analysing headers manually. DMARC Busta continuously monitors your SPF, DKIM, and DMARC authentication across all your domains and alerts you when issues arise.

Get Started Free