Email tool
Phishing & Email Header Analyzer
Paste raw email headers to analyze authentication results (SPF/DKIM/DMARC) and spot phishing indicators.
Frequently asked questions
How do I find the raw headers of an email?
In Gmail, open the message, click the three-dot menu, and choose Show original. In Outlook, open the message, go to File, then Properties, and copy the Internet headers. In Apple Mail, choose View, then Message, then All Headers. Paste everything you copy into the box above — the more complete the headers, the better the analysis.
What do SPF, DKIM, and DMARC tell me?
SPF checks whether the sending server is authorized to send for the From domain. DKIM verifies a cryptographic signature proving the message wasn't tampered with in transit. DMARC ties the two together and tells receivers what to do when they fail. A FAIL on any of these — especially combined with a Return-Path or Reply-To domain that doesn't match the From address, or a display name impersonating a known brand — is a strong phishing signal. This tool only reads what's in the headers you paste; it does not perform live DNS lookups.
Want this handled for you?
Elevate manages IT & security for regulated Los Angeles firms.
Related email tools
DMARC / DKIM / SPF Checker
Check a domain's email authentication records across common DKIM selectors.
Email Authentication Coverage Score
Score a domain's SPF, DKIM, and DMARC coverage with honest, transparent methodology.
Email Header Analyzer
Decode raw email headers to trace the delivery path and authentication results.
Email Deliverability Troubleshooter
Diagnose common reasons your email lands in spam.