DMARC MONITORING // RUA REPORTS
DMARC Monitoring: Know Everyone Who Sends As Your Domain
Every day, Gmail, Outlook, and Yahoo will tell you exactly who is sending email as your domain, in XML files nobody reads by hand. DMARC monitoring turns that raw feed into a ledger of sources, volumes, and failures you can act on.
Inbox placement
67%
··%
· ·
Authentication
checking 130+ blacklists
Sample data. Seed results are estimates, not guarantees.
What is a dmarc monitoring?
DMARC monitoring is the continuous collection and parsing of the aggregate (RUA) reports mailbox providers send about every message claiming to come from your domain. Point your record's rua tag at Inboxes and the XML becomes a readable ledger: every source IP sending as your domain, its volume, and whether SPF and DKIM passed and aligned. That is how you find the forgotten billing system that never got a DKIM key, and the spoofer you did not know existed, before p=reject would have quarantined the former. Failure forensics show which stage broke: no signature, wrong domain, or an unaligned Return-Path. Plans parse from 50K rows per month on Solo up to 10M on Agency. Monitoring proves who sends as you; it cannot by itself promise inbox placement, and nothing can.
// one week of parsed RUA data for example.com
203.0.113.25 sendgrid.net 412,880 msgs spf pass dkim pass 198.51.100.9 unknown (no PTR) 1,204 msgs spf fail dkim fail aligned: 99.7% | new sources this week: 1 | current policy: p=quarantine
Aggregate reports turned into a ledger: every IP sending as your domain, passing or not.
What you get
Dmarc monitoring, done properly
XML in, ledger out
Raw RUA reports are gzipped XML from dozens of receivers. Inboxes aggregates them into one table: source, volume, SPF, DKIM, alignment, disposition.
New-source alerts
The moment an unfamiliar IP starts sending as your domain, you hear about it: sometimes a spoofer, just as often a tool someone in marketing connected on Friday.
Forensics on every failure
A failure is only actionable when you know the stage: unsigned mail, a wrong d= domain, an unaligned bounce address. Each failing source is diagnosed, not just counted.
Volume that scales with plans
50K parsed rows per month on Solo, 500K on Growth, 2M on Scale, 10M on Agency: enough headroom for a side project or a multi-brand agency book.
How it works
From send to fix list in four steps
Update one DNS tag
Add the Inboxes rua address to your existing DMARC record; sending changes nothing else.
Reports flow in
Within 24-48 hours the first aggregate reports arrive from Gmail, Outlook, Yahoo, and other receivers.
Review the source ledger
See every service sending as your domain, legitimate or not, with per-source pass rates.
Tighten policy on evidence
Fix the failing legitimate sources, then step toward p=reject knowing exactly what it will block.
The honest boundary: seed results are directional estimates and nobody can guarantee inbox placement. Inboxes finds the fixable causes, tells you exactly what to change, and monitors the result. No warmup networks, no bot opens, ever. Full detail on the methodology page.