Skip to content

Using the Dashboard

The Dashboard is where you can see all of your monitored domains and their DMARC compliance state. It is the first page you see when you log in after adding at least one domain to your organisation.

Dashboard Columns

The Dashboard has the following columns:

  • From Domain: Domains that you have added to your account, or subdomains that we have automatically discovered in your DMARC reports using Header From.
  • Status: This reflects whether the domain has a DMARC record, and if it does, whether it is set to none, quarantine, reject or is inheriting policy.
    • means that the domain has a DMARC record and it is set to quarantine or reject.
    • means that the domain has a DMARC record, it is set to reject and has been flagged as parked (i.e. not expected to be sending compliant email). These domains are hidden by default on the Dashboard and revealed using the toggle next the date picker..
    • means that the domain has a DMARC parent domain or subdomain record, or an inherited DMARC record, but set to none.
    • means that the domain does not have a DMARC record or an invalid DMARC record.
    • means that the domain is inheriting a DMARC record from a parent domain.
    • There are also tooltips on the page to explain these icons.
    • We query your DMARC DNS record when you sign into the Dashboard, and cache these results for up to 1 hour.
  • Effective Policy: This is the policy that is being applied to the domain, based on the DMARC record.
  • Compliant %: This is the percentage of messages that are passing DMARC.
    • It is calculated by dividing the total number of DMARC compliant messages that we have received DMARC RUA reports, by the total number of messages that we have received DMARC RUA reports for.
  • Compliance Chart: This is a quick way to identify the compliance state of a domain. It shows the percentage of messages that are using both DKIM & DMARC, DKIM only, SPF only, or none of these.
    • DKIM & SPF
    • DKIM only
    • SPF only
    • Non-Compliant
  • Total Count: This is the total number of messages that we have received DMARC RUA reports for.
    • This metric is counted towards your subscription's message limit.
  • Action: If we have received DMARC RUA reports for a domain, you'll see a View Senders link. This will take you to the Senders page, where you can see where messages are originating from for your domain. See the Senders page for more information.

Dashboard Workflow and Usage

The dashboard is designed so you can quickly review the compliance state of your domains and get straight to actionable data.

To focus attention on actionable data, domains flagged as parked are hidden by default. Each time DMARC records are refreshed they are checked to ensure any domain flagged as parked still has a valid reject policy, if it does not, it will automatically revert to not parked. If DMARC compliant mail is reported for a parked domain, it will also automatically revert to not parked. Use the toggle to the right of the date picker to show or hide domains flagged as parked.

Here's a typical workflow:

  1. Check your domain DMARC DNS record state: We colour code the Status column to make it easy to identify the compliance state of your domains. Start with reviewing any domains that have a beige coloured row. This means that either the domain has a weak DMARC policy (none), no DMARC policy, an invalid DMARC policy, or we're not receiving DMARC reports for the domain.
    • For any of these domains, you should review your DMARC record and ensure that it is correctly configured.
    • If you have parked domains that do not send email, you should set up DMARC records for these domains with a policy of reject, and an empty SPF record with a -all mechanism e.g. v=spf1 -all. This will prevent these domains being used to conduct impersonation attacks.
  2. Check your DMARC compliance state: Next, review the Compliant % and Compliance Chart columns. These will give you an idea of the percentage of messages that are passing DMARC, and the authentication methods that are being used to send messages from your domain.
    • This data does not populate immediately after adding a domain, as it requires DMARC reports to be received and processed. This can take up to a week to come through, assuming the domain is actively sending email.
    • If you have a low Compliant %, you can use the View Senders link to see where messages are originating from for your domain. This will help you identify authorised but not correctly configured sources of email, as well as unauthorised sources of email. See the Senders page for more information.
    • Keep in mind that some services may only periodically send emails. For example accounting software sending invoices once a month in a small volume. This can be a cause of non-compliant messages even if you have a high Compliant %. Be sure to use the View Senders link to review the sources of email for your domain.

Unless you are regularly adding new domains to your account, you should only need to review the dashboard periodically to check your compliance state. If you are adding new domains, you should review the dashboard daily until you have all of your sending sources correctly configured and your compliance state is high. See the Guidance page for more information on how to deal with non-compliant mail sources or a drop in your Compliant % level.