Forward An Email To Be Verified

Your email address (the one that received the email)

Quick safety questions

These answers help improve accuracy. They also change the risk score and show the right advice.

This email was in my Spam/Junk folder I was not expecting this email I do not recognise the sender The email asks for login, payment, or urgent action I clicked a link in this email I opened or downloaded an attachment

Forward the email to: check@legitemailchecker.com

Tip: Forward the email and put the token in the email subject. Example subject: Test FWD-ABCDE12345

RESET

Email Legitimacy Checker

Worried an email might be fake, spoofed, or unsafe — but you don’t want to upload the message file or paste sensitive content into a form?

This checker lets you forward or send a real email to our secure test inbox, then generates a technical legitimacy report based on what actually arrives.

It’s designed to help you confirm whether an email appears to be genuinely sent from the domain it claims, or if something looks suspicious.

How to use the Email Legitimacy Checker

Enter your email address (the address you will send from).

Click Generate token to create your unique verification code.
Copy the token and send an email to: check@legitemailchecker.com
Put the token in the email subject line (important).
Click Email sent.
The system waits briefly (countdown), then click Check mailbox.
If the email hasn’t arrived yet, click Check again to retry.

Once received, your legitimacy report is shown immediately on this page.

What this tool checks

When your email arrives, we analyse the message headers and provide a report that can include:

Email authentication

SPF (Sender Policy Framework) – whether the sending server is authorised to send for the domain
DKIM (DomainKeys IdentifiedMail) – whether the email is cryptographically signed and the signature passes
DMARC – whether the domain has a policy and whether alignment/authentication passes

Sender and message identity

From / Reply-To / Return-Path comparison
Sender domain checks
Message-ID and date validation

Delivery route and source

“Received” hops (the route the email took)
Sending IP address where available

Reputation (best-effort)

Basic checks against known patterns and signals that can indicate risky sending behaviour

This gives you a clearer view of whether the email is likely to be legitimate, spoofed, or simply misconfigured.

Why the token is required

The token ensures we only analyse the email you intended to test, and it prevents other users’ messages from being mixed with yours.

It also allows the system to locate your message quickly without storing mail long-term.

What to do if your email isn’t found

If your email doesn’t show as received:

Wait 10–30 seconds and click Check again
Ensure the token is in the subject
Make sure you sent it from the same address you typed into the form
Check if your email provider is delaying delivery (common with some systems)
If it still fails, it may indicate an outgoing mail or DNS/authentication issue

Important: this does not guarantee safety

This tool checks whether an email looks authentic from a technical delivery/authentication standpoint.

A message can still be malicious even if SPF/DKIM/DMARC pass, so always be cautious with:

Unexpected attachments
Links asking for logins or payments
Requests to change bank details
Urgent or threatening language

If you’re unsure, confirm through a trusted channel (phone number you already know, not one in the email).

Privacy and security

To protect your privacy and the server:

Emails are used only for verification and header analysis
The system is designed to avoid long-term storage
No mailing list activity is performed
The mailbox is dedicated to checking and testing purposes

Run your email check now

Use the form above to generate your token and send your test email.
Once it arrives, you’ll receive a clear legitimacy report in seconds.