VerifyMaill VerifyMaill

Stop spoofing before it lands

Parse aggregate (RUA) and forensic (RUF) reports, track alignment across every sender, and catch authentication failures in real time, without touching XML.

Includes 250 free credits · No credit card required

99% Deliverability Encrypted & secure GDPR Compliant

DMARC Aggregate Report

verifymaill.com · last 7 days

Live

Pass rate

30.0%

Messages

17.5K

Failures

12.3K

Google Workspace

Authorized sender · 5,250 msgs

SPF DKIM

SendGrid

DKIM alignment failing · 4,820 msgs

SPF DKIM

Mailchimp

SPF alignment failing · 3,180 msgs

SPF DKIM

185.220.101.x

Unauthorized · spoof attempt · 4,250 msgs

SPF DKIM

Trusted by 5,600+ Businesses Across 180+ Countries

Parse

Readable reports, no XML required

Receivers send DMARC reports as gnarly XML. We parse, dedupe, and aggregate them into a dashboard you can actually use.

  • RUA (aggregate) and RUF (forensic) report parsing
  • Auto-dedupe across receivers: Gmail and Outlook both report the same send
  • 30 days of history retained by default, longer on request
aggregate.xml
<!-- raw RUA xml -->
<record>
  <row>
    <source_ip>209.85.220.41</source_ip>
    <count>12847</count>
    <policy_evaluated>
      <disposition>none</disposition>
      <dkim>pass</dkim>
      <spf>pass</spf>
    </policy_evaluated>
  </row>
  <identifiers>
    <header_from>verifymaill.com</header_from>
  </identifiers>
</record>
Parsed report 1 source · 7 days

Google Workspace

12,847 messages

SPF DKIM Pass
Alignment

See every sender using your domain

Every sender that uses your domain: SPF and DKIM alignment broken out by source. Find the misconfigured ESP, the legacy server, or the rogue marketing tool.

  • Every sending source in one matrix
  • Per-source SPF and DKIM alignment status
  • Drill into any source for raw header samples
Source
SPF
DKIM
Messages
Google Workspace
12,847
SendGrid
3,421
HubSpot
1,944
Mailchimp
1,205
Legacy CRM (10.x)
112
185.220.101.x
47
Alert

Catch problems the moment they start

Spoof attempts, unauthorized senders, and alignment regressions surface immediately, so you can revoke or remediate before deliverability suffers.

  • Email + webhook alerts on unauthorized sources
  • Alignment-regression alerts when a previously-passing sender starts failing
  • Volume-aware severity: single probes don't wake anyone up

Unauthorized sender

2 min ago

185.220.101.42 sent 47 messages as noreply@verifymaill.com. SPF + DKIM both failed alignment.

DKIM alignment regression

1 h ago

Mailchimp DKIM alignment dropped from 100% to 47%: selector likely rotated without DNS update.

Policy

Reach full enforcement, safely

DMARC enforcement is only useful at p=reject, and only safe once every legitimate sender aligns. We tell you when you're ready and what to fix if you're not.

  • Guided progression: none → quarantine → reject
  • Pre-flight check shows which senders would start failing at each step
  • BIMI readiness: see when your posture qualifies you for logo placement

p=none

Monitor only

2

p=quarantine

Suspect → spam

3

p=reject

Block spoofs

Ready to move forward

99.7% of legitimate mail is aligning, safe to move to p=reject after fixing 2 remaining senders.

The DMARC monitoring stack

Everything you need to actually enforce DMARC

Setting a DMARC record is the easy part. Knowing it's safe to enforce, and staying safe once you do, is the part this is built for.

RUA report parsing

Aggregate reports turned into readable dashboards. No XML, ever.

RUF forensic parsing

Failure samples decoded with the offending headers preserved.

Per-source alignment

SPF and DKIM alignment broken down by every sending source.

Unauthorized sender alerts

Get notified the moment a new IP starts sending as you.

Subdomain coverage

Track main domain and every subdomain in one report.

Policy progression help

Guided transition from p=none → quarantine → reject.

BIMI readiness

See when your DMARC posture qualifies you for BIMI logo placement.

Trend dashboards

Volume, pass rate and alignment over time, by source.

Email alerts

Policy drift, alignment failures and new senders surface as alerts.

Frequently asked questions

What's the difference between RUA and RUF reports?
RUA (aggregate) reports are XML summaries sent by every major receiver, typically daily, summarizing pass/fail counts per source. RUF (forensic / failure) reports are individual samples of messages that failed DMARC, sent in near real time, with headers preserved.
Do I need to set up DMARC before using this?
Yes, but it's easy. Add a single _dmarc.yourdomain.com TXT record pointing the rua (and optionally ruf) tag at the address we generate. Reports start arriving within 24 hours; we'll guide you through it.
Will I get notified of spoofing attempts?
Yes. Any unauthorized source that fails alignment triggers an alert, both as a dashboard event and an email to your team. Severity scales with volume, so a single curious probe doesn't wake anyone up.
Does it work with subdomains?
Yes. We track the apex domain and every subdomain in one report, with separate policy and alignment columns for each. Great for orgs with departmental subdomains or staging environments.
Can I track DMARC alignment per source?
Yes, that's the whole point. Every sending source (Google Workspace, SendGrid, your transactional ESP, that one HubSpot workflow nobody knew about) gets its own row with SPF and DKIM alignment status.
Does it support policy progression (none → quarantine → reject)?
Yes. The dashboard tells you when your alignment is healthy enough to move from p=none to p=quarantine and on to p=reject, and warns you about the senders that would start failing if you did.

Lock spoofers out of your domain

Parse every report, alert on every drift, enforce with confidence. 250 credits free, no credit card required.

Includes 250 free credits · No credit card required