# DMARC Analyzer

> Analyze DMARC XML reports with a free, open-source tool — view it in your browser or self-host it for automated email digests.

The DMARC Analyzer is an open-source tool that parses DMARC XML reports and turns them into human-readable dashboards. Use it directly in your browser, or deploy your own instance to receive automated email digests powered by MailBlastr.

## What is DMARC?

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that builds on [SPF and DKIM](https://www.mailblastr.com/docs/domains/managing). It lets domain owners specify how unauthenticated email should be handled and receive reports about authentication results.

When you set up a DMARC policy, mailbox providers send XML reports to the address you specify. These reports contain valuable data about who is sending email on behalf of your domain and whether those messages pass authentication — but the raw XML is hard to read. The DMARC Analyzer visualizes it.

## Features

- Parse and visualize DMARC XML reports instantly.
- View SPF and DKIM alignment results per source.
- Identify unauthorized senders using your domain.
- Self-host with automated report ingestion via [MailBlastr Receiving](https://www.mailblastr.com/docs/receiving/introduction).
- Receive email digests summarizing your DMARC reports.

## Web interface

The quickest way to get started, with no setup required:

1. **Open the analyzer** — Go to the hosted DMARC Analyzer web app.
2. **Paste your report** — Paste your DMARC XML report, or upload the XML file directly.
3. **Read the results** — View the parsed, human-readable results instantly — alignment, sources, and pass/fail per sender.

## Self-hosted with automated reports

For ongoing monitoring, deploy your own instance. It connects to [MailBlastr Receiving](https://www.mailblastr.com/docs/receiving/introduction) webhooks so DMARC reports sent to your domain are automatically ingested and analyzed, with email digests delivered through MailBlastr.

1. **Clone the repository** — Clone the DMARC Analyzer repo and change into the project directory.
2. **Install dependencies** — Install with your package manager of choice (`npm install`, `pnpm install`, `yarn install`, or `bun install`).
3. **Configure environment variables** — Copy `.env.example` to `.env.local` and fill in `MAILBLASTR_API_KEY`, `MAILBLASTR_WEBHOOK_SECRET`, `EMAIL_FROM` (from a verified domain), and `EMAIL_TO`.
4. **Test the application** — Start the dev server, register a publicly accessible HTTPS URL in the MailBlastr dashboard, enable the `email.received` event, and copy the signing secret into `MAILBLASTR_WEBHOOK_SECRET`.
5. **Deploy** — Deploy to your preferred host and update the webhook endpoints in the dashboard — `/api/webhooks/dmarc/rua` for aggregate reports and `/api/webhooks/dmarc/ruf` for failure reports.

### Environment variables

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| `MAILBLASTR_API_KEY` | string | Yes | Your [MailBlastr API key](https://www.mailblastr.com/docs/api-keys/overview). |
| `MAILBLASTR_WEBHOOK_SECRET` | string | Yes | Signing secret from the MailBlastr webhook endpoint you set up. |
| `EMAIL_FROM` | string | Yes | Sender address for digest emails (must be from a [verified domain](https://www.mailblastr.com/docs/domains/managing)). |
| `EMAIL_TO` | string | Yes | Recipient address for digest emails. |

> **Note:** For local development, expose your localhost server at a public HTTPS URL with a tunneling tool (e.g. ngrok or VS Code Port Forwarding) so MailBlastr can reach your webhook endpoint. The project is built with Next.js, so it deploys to any platform that supports it.
