inboxes.

DMARC MONITORING // RUA REPORTS

DMARC Monitoring: Know Everyone Who Sends As Your Domain

Every day, Gmail, Outlook, and Yahoo will tell you exactly who is sending email as your domain, in XML files nobody reads by hand. DMARC monitoring turns that raw feed into a ledger of sources, volumes, and failures you can act on.

How testing works
Placement test live

Inbox placement

67%

··%

· ·

Authentication

SPF · DKIM · DMARC

checking 130+ blacklists

Sample data. Seed results are estimates, not guarantees.

12,400+ placement tests run 6+ providers 130+ blacklists Ranked fixes

What is a dmarc monitoring?

DMARC monitoring is the continuous collection and parsing of the aggregate (RUA) reports mailbox providers send about every message claiming to come from your domain. Point your record's rua tag at Inboxes and the XML becomes a readable ledger: every source IP sending as your domain, its volume, and whether SPF and DKIM passed and aligned. That is how you find the forgotten billing system that never got a DKIM key, and the spoofer you did not know existed, before p=reject would have quarantined the former. Failure forensics show which stage broke: no signature, wrong domain, or an unaligned Return-Path. Plans parse from 50K rows per month on Solo up to 10M on Agency. Monitoring proves who sends as you; it cannot by itself promise inbox placement, and nothing can.

// one week of parsed RUA data for example.com

203.0.113.25   sendgrid.net           412,880 msgs   spf pass   dkim pass
198.51.100.9   unknown (no PTR)         1,204 msgs   spf fail   dkim fail
aligned: 99.7% | new sources this week: 1 | current policy: p=quarantine

Aggregate reports turned into a ledger: every IP sending as your domain, passing or not.

What you get

Dmarc monitoring, done properly

XML in, ledger out

Raw RUA reports are gzipped XML from dozens of receivers. Inboxes aggregates them into one table: source, volume, SPF, DKIM, alignment, disposition.

New-source alerts

The moment an unfamiliar IP starts sending as your domain, you hear about it: sometimes a spoofer, just as often a tool someone in marketing connected on Friday.

Forensics on every failure

A failure is only actionable when you know the stage: unsigned mail, a wrong d= domain, an unaligned bounce address. Each failing source is diagnosed, not just counted.

Volume that scales with plans

50K parsed rows per month on Solo, 500K on Growth, 2M on Scale, 10M on Agency: enough headroom for a side project or a multi-brand agency book.

How it works

From send to fix list in four steps

01

Update one DNS tag

Add the Inboxes rua address to your existing DMARC record; sending changes nothing else.

02

Reports flow in

Within 24-48 hours the first aggregate reports arrive from Gmail, Outlook, Yahoo, and other receivers.

03

Review the source ledger

See every service sending as your domain, legitimate or not, with per-source pass rates.

04

Tighten policy on evidence

Fix the failing legitimate sources, then step toward p=reject knowing exactly what it will block.

The honest boundary: seed results are directional estimates and nobody can guarantee inbox placement. Inboxes finds the fixable causes, tells you exactly what to change, and monitors the result. No warmup networks, no bot opens, ever. Full detail on the methodology page.

Related deliverability tools

Run your first test in about five minutes