See exactly who is sending email as your domain
DMARC reports are dense XML that almost no one reads. SpamCipher collects them for you, translates them into plain language, and shows you every source sending as your domain, what passes SPF and DKIM, and where spoofing is happening.
Start monitoring DMARC
Turn raw DMARC reports into a clear picture
Mailbox providers already send aggregate reports about your domain every day. On their own they are unreadable XML. SpamCipher collects them, parses them, and shows you what is actually happening with mail sent in your name.
- Publish a DMARC record. Add one DNS record that points your aggregate reports to SpamCipher. We give you the exact line to copy.
- We collect and parse the reports. Providers send RUA reports to us, and we turn the XML into a readable view of every source and result.
- Tighten your policy with confidence. Once your legitimate senders pass, move from p=none to quarantine to reject safely.
- SPF alignment: whether the sending IP is authorized for your domain
- DKIM alignment: whether the signature matches your domain
- DMARC disposition: what providers did under your current policy
- Sending sources: tells legitimate senders from unknown ones
- Spoofing attempts: surfaces unauthorized mail sent in your name
From unreadable XML to a clear answer
Publish one record, let the reports flow in, and finally see who sends as your domain.
Publish your DMARC record
Add a single DNS TXT record that points aggregate reports to SpamCipher. We hand you the exact value to paste.
Collect and parse reports
Mailbox providers send their daily RUA reports to us, and we parse the XML into a readable view of every sender and result.
Tighten your policy
Watch your legitimate sources pass, then move from p=none to quarantine to reject without blocking real mail.
Stop spoofers from sending as you
Start monitoring your domain free, no credit card required.
Stuck at p=none and afraid to tighten it?
Most domains publish p=none and never move past it, because raising the policy feels risky. Without visibility, you cannot tell whether reject will block a spoofer or your own payroll system.
SpamCipher gives you that visibility. Once every legitimate source is passing SPF and DKIM alignment, you can move to quarantine and then reject knowing your real mail still gets through.
Get alerted the moment something new starts sending
Your sending changes over time. A new tool gets connected, a vendor starts mailing on your behalf, or a spoofer tries your domain for the first time.
SpamCipher watches your reports continuously and alerts you when a new source appears or an existing one starts failing alignment.
You stay in control of your domain without having to open a single XML file again.
Set up alertsHow to get the most from your DMARC reports
Reaching p=reject is the milestone, but the reports keep earning their value after that. The unknown sources, the IPs that fail alignment, and the sudden spikes in failures are where attention matters. Confirm the legitimate ones, authorize them properly, and treat the rest as what they are: mail you never sent.
Make monitoring continuous, not a one-time project. New vendors and tools appear all the time, and a domain left unwatched drifts back into risk. Keep reading the reports, keep your senders aligned, and your domain stays trusted and hard to impersonate.
