How to Know if an Email You Received Is Spam or Real
Product/Version: KartHost KloudEmail Webmail, Outlook Desktop, MXToolBox Email Header Analyzer  Audience: Customer  Last Updated: 2026-02-26

What Is an Email Header?

An email header is hidden technical information that travels with every email and does not appear in the normal “From / To / Subject” view.

It includes details such as the real sending server, the path the email took (“hops”), and security checks like SPF, DKIM, and DMARC.

Support teams and security tools use the header to see who really sent the email and whether it might be spam or phishing.

Important Safety Warning

  • Do not click any links or open any attachments in a suspicious email.

  • Do not forward a suspicious email to anyone else (including adding into tickets).

  • The email header text itself is safe to share and is much more useful for investigating who the message is really from.

Purpose

Help you safely check whether a suspicious email is spam or real by looking at its email header and using the MXToolBox Email Header Analyzer.

Prerequisites

  • Access to your KartHost KloudEmail Webmail (via webmail.emailsrvr.com or your normal KloudEmail login page).

  • Access to Outlook on your Windows computer (desktop version).

  • A web browser to open the MXToolBox Email Header Analyzer page.

Step 1 – Get a Copy of the Full Email Header

  1. Open this article in a new tab or window:
    “Email Header How To View and Copy From KloudEmail Webmail, Outlook Desktop and Web”
    https://customercenter.karthost.com/knowledgebase/269/Email-Header-How-To-View-and-Copy-From-KloudEmail-Webmail-Outlook-Desktop-and-Web.html

  2. Follow the instructions in that article for your email program (KloudEmail Webmail, Outlook Desktop, or Outlook Web) until you have copied the full email header text.

  3. When you have the header copied, return to this article and continue with Step 2 below.

(From this point forward, you do not need to open or forward the suspicious email again.)

Step 2 – Paste the Header into MXToolBox Email Header Analyzer

  1. Open your web browser and go to the MXToolBox Email Header Analyzer page:
    https://mxtoolbox.com/EmailHeaders.aspx

  2. On the page, find the large empty box where you can paste text.

  3. Click inside that box.

  4. Press Ctrl + V (Windows) or Cmd + V (Mac) to paste the header you copied from KloudEmail Webmail or Outlook.

  5. Click the “Analyze Header” button. MXToolBox will process the header and then show a results page.

  6. If Support asked you to “send the MXToolBox results,” you can either:

    • Copy the link in your browser’s address bar and paste it into your reply to Support, or

    • Take a screenshot of the results page and attach it in your reply.

(Placeholder: Screenshot – MXToolBox Email Header Analyzer page with header pasted and Analyze button highlighted)

Step 3 – Simple View of the Key MXToolBox Results

You will see a lot of technical information. For most customers, these three areas are enough.

1) How long the email took to travel (delivery time / hops)

  • MXToolBox shows a list of “hops” (servers the email passed through) with times next to them.

  • Very large delays between hops can explain why an email arrived late or appears slow.

2) The sending server and reputation

  • The results show the IP address and server name that actually sent the email.

  • The tool may also show if that IP address appears on common spam or block lists, which helps explain why an email might be treated as spam.

3) Email authentication checks (SPF, DKIM, DMARC)

  • Look for simple “pass” or “fail” results for SPF, DKIM, and DMARC.

  • If one or more of these say “fail,” it might mean the message is not properly authorized or is spoofed, which is common for phishing or spam.

If anything here looks suspicious, mention that when you reply to Support and include either:

  • The full header text you copied, or

  • The link to your MXToolBox results, or a screenshot.

Expected Result

  • You have safely copied the full email header from KloudEmail Webmail or Outlook without forwarding or interacting with the suspicious message.

  • MXToolBox displays a results page showing hops (delivery path), sending server/IP, and SPF/DKIM/DMARC status for the email.

  • You can share either the full header or the MXToolBox results link/screenshot with KartHost Support so they can determine whether the email is spam, spoofed, or legitimate. To share log into your KartHost Customer Center account and Open a Ticket to paste the full header or the MXToolBox link.

Troubleshooting / FAQs

Symptom / Question Likely Cause Quick Fix
I can’t find “View Full Header” or “Internet headers”. Different email layouts, themes, or using a preview-only view. Open your email program and follow the steps in this article: “Email Header How To View and Copy From KloudEmail Webmail, Outlook Desktop and Web”. Make sure you open the message in its own window if using Outlook.
MXToolBox shows SPF or DMARC failed. The sender’s domain may not be configured correctly, or someone may be spoofing that domain. Treat the email as suspicious, especially if it asks for passwords, money, or personal information. Do not click links or reply. Share the full header or MXToolBox results with KartHost Support.
MXToolBox shows the sending IP on block lists. The sending mail server’s IP address has a poor reputation or is listed for spam. Assume the message may be spam. Do not click anything inside it. Provide the MXToolBox results and header to KartHost Support so they can confirm and help you block similar messages.
Is it safe to open or forward this suspicious email? Suspicious emails can contain harmful links or attachments, and forwarding them spreads the risk. You may open it only to get to the header options (as described in the header KB), but do not click links, open attachments, download images, or forward it (including adding into tickets). Only copy the header text and share that with KartHost Support.
 
 

Related Articles / Links

 

Hai trovato utile questa risposta? 0 Utenti hanno trovato utile questa risposta (0 Voti)

Gli articoli più popolari

Do I have Anti-Spam and Anti-Virus Protect for my email accounts with my Hosting Packages?

We provide you with both Anti-Spam & Anti-Virus Protection on all KARTHOST email accounts....
SMTP - How to Change Outgoing email PORT setting for Outlook, Outlook Express and other 3rd party Email Managers

If you have found this article via Google search we are sorry we are unable to assist you. The...
Export Roundcube vCard File to CSV file for Import to KartHostKloud Mail

  The following comes with the warning of use at your OWN RISK, while we feel the web site...
An Outside Email is Unable to Send Emails to Me - Adding to Safelist

Are you using the KartHost KloudEmail system? If you are and you are having an issue of someone...
Email Attachment Limits at KartHost

The attachment limits is totally dependant on the email service you have with your domain name.If...