Included for every Conbool tenant

DMARC reports.Understand instead of collect.Permanently free.

Aggregate and forensic reports are captured directly through the existing mail flow, visualized in charts and condensed into concrete recommendations. No subscription, no subprocessor, no second vendor.

Try Conbool for free Request a consultation

DMARC v1

AggregateForensicAlerts

rua=mailto:dmarc@…

Reports captured

Conbool DMARC: capture, analyze and secure DMARC reports centrally.

Conbool DMARC bundles aggregate reports, forensic reports, pass-rate analysis and concrete recommendations into one module that is enabled by default in every Conbool tenant.

Why DMARC reporting fails in many organizations

Reports come as XML

Aggregate reports are machine-readable XML files in ZIP or GZIP archives. Manual analysis from a mailbox is not practical.

External subprocessors

Classic DMARC tools process reports at third parties. This expands the data path and requires additional data processing agreements.

Incomplete analysis

Without continuous analysis, the move to p=quarantine or p=reject remains a risk. Legitimate mail streams may be blocked.

No early warning

Pass-rate drops and new sending sources signal phishing waves early, but go unnoticed without automatic analysis.

How Conbool DMARC works

Three steps and reporting runs automatically in the background.

Set the DMARC record

A TXT record in DNS with a rua address inside the tenant domain is sufficient. Conbool shows the exact entry in the setup wizard.

Reports arrive automatically

Mail providers deliver daily DMARC reports to the tenant domain. Conbool captures them through the existing mail flow.

Analysis and recommendations

Charts, drilldowns and concrete recommendations appear directly in the dashboard. Critical events trigger notifications automatically.

What Conbool DMARC delivers

Everything required for productive DMARC report analysis.

Zero-touch setup

Conbool already serves as the MX. One TXT record is sufficient. No second vendor, no subprocessor.

Charts and drilldowns

Pass-rate trend, top source IPs with geo, SPF/DKIM alignment matrix and per-domain drilldown.

Authentication analysis

SPF and DKIM are broken down per sending source, alignment issues are immediately visible.

Concrete recommendations

Move-to-quarantine and move-to-reject recommendations on stable pass rates. Detection of suspicious sending sources.

Email alerts

Critical recommendations are sent automatically to the recipients configured in settings.

Forensic reports

Incoming forensic reports are captured with header details and analyzed.

What sets Conbool DMARC apart

Four structural advantages over external DMARC tools.

Permanently free

DMARC reporting is part of every Conbool tenant. No subscription, no pay-per-domain, no volume tiers.

Data path stays in-house

Reports flow through the existing mail flow. Original mails remain in the mailbox. No additional subprocessor.

Ready to use

A DNS TXT record is enough. No contract changes, no onboarding process, no setup consulting.

GDPR-compliant

Data processing in the EU. Retention configurable. Fully integrated with Conbool RBAC and audit model.

FAQ

What are DMARC aggregate reports?

DMARC aggregate reports are XML-based daily reports that mail providers send to the rua address configured in the DMARC record. They contain aggregated statistics on authenticated and non-authenticated messages per sending source.

How are forensic reports processed?

Forensic reports (RUF), if delivered by the provider, are analyzed including header details. Privacy-relevant content is minimized. Processing happens exclusively within the Conbool tenant.

What are the prerequisites?

A verified email domain in the Conbool tenant and a DMARC DNS record whose rua address is inside the tenant domain. Conbool provides a setup wizard with live DNS check.

Can an existing DMARC vendor run in parallel?

Yes. Multiple rua recipients can be added comma separated in the DMARC record. Conbool captures its reports in parallel to an existing external vendor.

How long are reports stored?

Retention is configurable per tenant between 30 and 365 days. Default is 90 days. Records are deleted automatically afterwards.

Which role is required for access to DMARC Reports?

Access is governed by the dmarcreports.view permission and is granted via Conbool RBAC to owner, security admin, mail admin and auditor. Configuration changes require dmarcreports.manage.

Automate DMARC reporting professionally.

Create an account, set up the DMARC record and the first report appears in the dashboard within 24 hours.

Try Conbool for free Request a consultation

Discover SecureMail Discover MailGuard How DMARC works

Included for every Conbool tenant

DMARC reports.Understand instead of collect.Permanently free.

Try Conbool for free Request a consultation

DMARC v1

AggregateForensicAlerts

rua=mailto:dmarc@…

Reports captured

Conbool DMARC: capture, analyze and secure DMARC reports centrally.

Conbool DMARC bundles aggregate reports, forensic reports, pass-rate analysis and concrete recommendations into one module that is enabled by default in every Conbool tenant.

Why DMARC reporting fails in many organizations

Reports come as XML

Aggregate reports are machine-readable XML files in ZIP or GZIP archives. Manual analysis from a mailbox is not practical.

External subprocessors

Classic DMARC tools process reports at third parties. This expands the data path and requires additional data processing agreements.

Incomplete analysis

Without continuous analysis, the move to p=quarantine or p=reject remains a risk. Legitimate mail streams may be blocked.

No early warning

Pass-rate drops and new sending sources signal phishing waves early, but go unnoticed without automatic analysis.

How Conbool DMARC works

Three steps and reporting runs automatically in the background.

Set the DMARC record

A TXT record in DNS with a rua address inside the tenant domain is sufficient. Conbool shows the exact entry in the setup wizard.

Reports arrive automatically

Mail providers deliver daily DMARC reports to the tenant domain. Conbool captures them through the existing mail flow.

Analysis and recommendations

Charts, drilldowns and concrete recommendations appear directly in the dashboard. Critical events trigger notifications automatically.

What Conbool DMARC delivers

Everything required for productive DMARC report analysis.

Zero-touch setup

Conbool already serves as the MX. One TXT record is sufficient. No second vendor, no subprocessor.

Charts and drilldowns

Pass-rate trend, top source IPs with geo, SPF/DKIM alignment matrix and per-domain drilldown.

Authentication analysis

SPF and DKIM are broken down per sending source, alignment issues are immediately visible.

Concrete recommendations

Move-to-quarantine and move-to-reject recommendations on stable pass rates. Detection of suspicious sending sources.

Email alerts

Critical recommendations are sent automatically to the recipients configured in settings.

Forensic reports

Incoming forensic reports are captured with header details and analyzed.

What sets Conbool DMARC apart

Four structural advantages over external DMARC tools.

Permanently free

DMARC reporting is part of every Conbool tenant. No subscription, no pay-per-domain, no volume tiers.

Data path stays in-house

Reports flow through the existing mail flow. Original mails remain in the mailbox. No additional subprocessor.

Ready to use

A DNS TXT record is enough. No contract changes, no onboarding process, no setup consulting.

GDPR-compliant

Data processing in the EU. Retention configurable. Fully integrated with Conbool RBAC and audit model.

FAQ

What are DMARC aggregate reports?

How are forensic reports processed?

Forensic reports (RUF), if delivered by the provider, are analyzed including header details. Privacy-relevant content is minimized. Processing happens exclusively within the Conbool tenant.

What are the prerequisites?

A verified email domain in the Conbool tenant and a DMARC DNS record whose rua address is inside the tenant domain. Conbool provides a setup wizard with live DNS check.

Can an existing DMARC vendor run in parallel?

Yes. Multiple rua recipients can be added comma separated in the DMARC record. Conbool captures its reports in parallel to an existing external vendor.

How long are reports stored?

Retention is configurable per tenant between 30 and 365 days. Default is 90 days. Records are deleted automatically afterwards.

Which role is required for access to DMARC Reports?

Access is governed by the dmarcreports.view permission and is granted via Conbool RBAC to owner, security admin, mail admin and auditor. Configuration changes require dmarcreports.manage.

Automate DMARC reporting professionally.

Create an account, set up the DMARC record and the first report appears in the dashboard within 24 hours.

Try Conbool for free Request a consultation

Discover SecureMail Discover MailGuard How DMARC works