DMARC Analyzer
Analyze DMARC XML reports with a free, open-source tool — view it in your browser or self-host it for automated email digests.
The DMARC Analyzer is an open-source tool that parses DMARC XML reports and turns them into human-readable dashboards. Use it directly in your browser, or deploy your own instance to receive automated email digests powered by MailBlastr.
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that builds on SPF and DKIM. It lets domain owners specify how unauthenticated email should be handled and receive reports about authentication results.
When you set up a DMARC policy, mailbox providers send XML reports to the address you specify. These reports contain valuable data about who is sending email on behalf of your domain and whether those messages pass authentication — but the raw XML is hard to read. The DMARC Analyzer visualizes it.
Features
- Parse and visualize DMARC XML reports instantly.
- View SPF and DKIM alignment results per source.
- Identify unauthorized senders using your domain.
- Self-host with automated report ingestion via MailBlastr Receiving.
- Receive email digests summarizing your DMARC reports.
Web interface
The quickest way to get started, with no setup required:
- 1Open the analyzer
Go to the hosted DMARC Analyzer web app.
- 2Paste your report
Paste your DMARC XML report, or upload the XML file directly.
- 3Read the results
View the parsed, human-readable results instantly — alignment, sources, and pass/fail per sender.
Self-hosted with automated reports
For ongoing monitoring, deploy your own instance. It connects to MailBlastr Receiving webhooks so DMARC reports sent to your domain are automatically ingested and analyzed, with email digests delivered through MailBlastr.
- 1Clone the repository
Clone the DMARC Analyzer repo and change into the project directory.
- 2Install dependencies
Install with your package manager of choice (
npm install,pnpm install,yarn install, orbun install). - 3Configure environment variables
Copy
.env.exampleto.env.localand fill inMAILBLASTR_API_KEY,MAILBLASTR_WEBHOOK_SECRET,EMAIL_FROM(from a verified domain), andEMAIL_TO. - 4Test the application
Start the dev server, register a publicly accessible HTTPS URL in the MailBlastr dashboard, enable the
email.receivedevent, and copy the signing secret intoMAILBLASTR_WEBHOOK_SECRET. - 5Deploy
Deploy to your preferred host and update the webhook endpoints in the dashboard —
/api/webhooks/dmarc/ruafor aggregate reports and/api/webhooks/dmarc/ruffor failure reports.
Environment variables
MAILBLASTR_API_KEYstringrequiredYour MailBlastr API key.
MAILBLASTR_WEBHOOK_SECRETstringrequiredSigning secret from the MailBlastr webhook endpoint you set up.
EMAIL_FROMstringrequiredSender address for digest emails (must be from a verified domain).
EMAIL_TOstringrequiredRecipient address for digest emails.