EML Inspector
A free, browser-based EML file analyzer. Drop any .eml file to instantly inspect its headers, authentication results, body, and attachments — without uploading anything to a server.
EML Inspector
Analyze email files instantly — headers, security, attachments, and more. All processing happens in your browser.
Drop your .eml file or click to browse
Supports .eml files — processed 100% in your browser
How to use EML Inspector
- 1 Export or save an email as an .eml file from your mail client (Apple Mail, Thunderbird, Windows Mail, Gmail, etc.).
- 2 Open EML Inspector and drag the file onto the upload area, or click to browse and select the file.
- 3 The tool parses the file locally and displays the results across tabs: Headers, Security, Body, Attachments, and Raw Source.
- 4 Use the Headers tab to find sender, recipient, routing, and timestamp information. Use the search box to filter large header sets.
- 5 Check the Security tab to see SPF, DKIM, and DMARC authentication pass/fail results extracted from the email headers.
- 6 Review phishing indicators flagged by the tool, and download any attachments for offline analysis.
Features
Who uses EML Inspector?
Security analysts and SOC teams use it during phishing triage to inspect suspicious emails without loading them in a live mail client. Because nothing is uploaded, even highly sensitive or potentially malicious emails can be safely analyzed.
IT administrators use it to diagnose email delivery problems — tracing the route an email took through mail servers and identifying where authentication failures occurred.
Developers and QA engineers use it to verify that their outgoing emails include the correct headers, have valid DKIM signatures, and render correctly across HTML and plain-text parts.
Journalists and researchers use it to verify the authenticity of leaked or forwarded emails by examining authentication metadata and routing history.
Frequently asked questions
What is an EML file?
An EML file is a plain-text email message saved in the MIME RFC 822 format. It is supported by most mail clients including Apple Mail, Mozilla Thunderbird, Windows Mail, and many others. EML files contain the full email — headers, body, and encoded attachments — in a single portable file.
Is EML Inspector free and safe to use with sensitive emails?
Yes. EML Inspector is completely free and runs entirely in your browser. Your files are never uploaded to any server. The parsing happens locally using the postal-mime library, making it safe to analyze sensitive, confidential, or potentially malicious emails during incident response.
What do SPF, DKIM, and DMARC checks mean?
SPF (Sender Policy Framework) verifies that the sending IP address is authorized to send email on behalf of the domain. DKIM (DomainKeys Identified Mail) verifies a cryptographic signature attached to the message by the sending server. DMARC (Domain-based Message Authentication, Reporting, and Conformance) ties SPF and DKIM together and lets domain owners publish a policy for how to handle failures. EML Inspector extracts these results from the Authentication-Results headers already present in the email.
Can I analyze phishing emails with this tool?
Yes. EML Inspector is well-suited for phishing analysis. It flags common indicators such as display-name spoofing, domain mismatches between the From header and the envelope sender, unusual routing hops, and missing or failed authentication. The HTML body is rendered in a sandboxed iframe that blocks scripts and external resource loads, so you can view the content without risk.
How do I export an email as an EML file?
In Apple Mail, drag an email to the desktop or use File → Save As. In Thunderbird, right-click a message and choose Save As. In Gmail (web), open the email, click the three-dot menu, and select Download message. Outlook typically saves emails as .msg files rather than .eml; use the MSG Inspector for those.