DMARC is a fiddly protocol with an even fiddlier set of reports coming back at you. DMARCHub turns the firehose into a clear picture and tells you when something needs attention.
DMARC RUA reports arrive every day from Google, Microsoft, Yahoo, and dozens of smaller mail receivers. We parse them, normalise the data, and give you a clean view of who's sending mail as your domain, what's passing alignment, and what isn't.
When a receiver sends us a failed-message sample, we keep the technical headers and source IP and throw away the body, subject, and recipient details. You get the information you need to investigate without taking on a pile of customer email content.
MTA-STS lets receivers encrypt mail to you over verified TLS. Hosting it yourself means running an HTTPS server with a hand-rotated policy file. With DMARCHub you publish a CNAME and we serve the policy. Rotations are automatic.
If your DMARC record changes externally - someone in your team edits it, a new vendor adds a record, an attacker plants one - we notice within an hour and email you. You see the diff and decide whether it's intentional.
UK data residency by default (Azure UK South). Encryption at rest and in transit. Authentication via Microsoft Entra so we never see your password. Cyber Essentials Plus aligned controls in our infrastructure.
DMARCHub is in beta. Get in touch and we will be back to you within a business day.
Sign up for beta