Every domain, fully visible

Each domain gets its own detail view: an AI-generated summary, a 30-day alignment trend, sending source breakdown, DNS posture, policy history, and alerts. Most weeks, one glance is enough.

AI summary

Plain-English breakdown of your data

Every domain detail view opens with an AI-generated paragraph that interprets what the numbers mean. Not just "86.3%" but why it is 86.3%, which sender is responsible, and what to do about it before you move policy forward.

Domain header showing theirsite.com with p=none policy and an AI-generated summary: alignment at 86.3%, Google LLC is the largest unauthenticated sender, recommendation to audit SPF before enforcing

Four numbers, one verdict

Alignment rate, DMARC policy, reporter count, and age of the last report. If alignment is falling or reporters have gone quiet, this row flags it before you read anything else.

Four metric cards: 86.3% DMARC pass rate, p=none policy, 3 reporters from Google Yahoo and Microsoft, last report 3 days ago

Spot regressions before you enforce

Email volume split by DMARC compliance, plotted over 30 days. A widening gap between compliant and total messages is the signal to investigate before moving from p=none to p=quarantine.

Area chart showing daily email volume by DMARC compliance over 30 days: 20,780 compliant versus 3,320 failed

Who is sending from your domain

Every source from the last 7 days, grouped into Authorized (passing DMARC) and Unauthenticated (failing). Authorized means SPF and DKIM are both configured correctly for that sender.

A source failing at 83.8% usually means a misconfigured integration, not spoofing. The distinction matters when deciding whether to escalate policy.

Top senders panel: Authorized section shows Microsoft 4,400 messages 100% and Yahoo Inc 4,080 messages 100%; Unauthenticated shows Google LLC 7,640 messages 83.8% and Unknown AS 90 messages 0%
DNS posture panel showing DMARC valid, SPF valid, DKIM monitoring, BIMI optional
Domain health checklist showing DMARC record configured OK, single record OK, syntactically valid OK, reports flowing OK, alignment rate warning, policy not enforced note

Are your records actually set up right?

DNS posture shows whether each record (DMARC, SPF, DKIM, BIMI) is present and valid. Domain health translates those records into actionable checks: are reports arriving, is alignment healthy, is policy enforced?

These two panels answer different questions. Posture tells you what is in DNS. Health tells you whether the current configuration is doing what you intend.

Track every policy change

Every time your DMARC p= value changes, it is recorded with a timestamp. Moving from p=none to p=quarantine and back is visible here, so there is no ambiguity about when a change happened or what it was.

Useful when debugging a delivery problem: you can rule out a recent policy change as the cause in seconds.

Policy history panel showing three entries: p=none 16 days ago, p=quarantine 63 days ago in orange, p=none 117 days ago

Alerts

Fires when something actually matters

Alerts fire for alignment regressions, spoofing signals, and DNS record changes. Most domains are quiet most of the time.

Each alert links directly to the affected domain. Acknowledge it once reviewed, or let it resolve automatically when the underlying issue clears.

Alerts list showing DMARC record changed alerts for three domains and an alignment regression at 86.3% below the 95% threshold

Integrations, Pro

Pull data or push alerts anywhere

API keys give programmatic read access to your domains, reports, and alerts, useful for dashboards, scripts, and internal tooling.

Webhooks push alert events to any HTTPS endpoint the moment they fire: Slack, PagerDuty, a SIEM, or your own handler. Each endpoint gets a signing secret so you can verify payloads before processing them.

API keys list showing three keys: Production monitoring and Zapier automation enabled, Internal alerting disabled, each with a prefix, last-used date, and toggle
Webhook endpoints list showing a Slack hook receiving 3 event types and a PagerDuty endpoint receiving all events

Start monitoring your domains

Free tier covers one domain. No credit card required.

Start free