Getting started with dmarcian

dmarcian tools are under constant development to make DMARC deployment faster and easier for everyone. This article describes how to best use the tools today.

If you’re just getting started, create an account on dmarcian. Then, while logged into your account, add your domains to the site.

When your domains are added to the site, publish DMARC records for each domain to begin collecting data. DMARC data is generated on a 24 hour cycle, so give the site a few days to collect data.

If you’re new to DMARC, now would be a good time to get familiar with the technology and what it can do.

With data in place, visit the Domain Overview to assess the state of your domains. From there you can click on the state of DMARC, SPF, DKIM and determine the volume of your domains. If you ever want to force the site to refresh your domain (maybe because you just updated a DMARC or SPF record and want the site to pick up the change), click the options icon to the right of the domain and select refresh.

Next, in the upper-right navigation, visit the DMARC Manager > Source Viewer. dmarcian maintains a set of rules to identify legitimate sources of email that are capable of sending DMARC-compliant email. The Source Viewer is used to identify which sources of email need work to bring the compliance percentage as close to 100% as possible. Click on the SPF/DKIM percentages to view notes on how to get individual sources into compliance with DMARC.

The last tool to get familiar with is the DMARC Manager > Detail Viewer. This tool allows you to explore your DMARC data in a variety of ways. The top half of the page shows a timeline of your data along with search parameters such as date selectors, domain and data-provider pickers, and a filter option that can be used to show what would have happened had a DMARC policy been in place.

The bottom half of the Detail Viewer page shows your data grouped into four high-level tabs: DMARC-capable, Non-compliant, Forwarding, and Threat/Unknown. For details on how dmarcian categorizes data, see this article. Each tab shows groups of infrastructure and details on DMARC compliance. You can reveal more detail about each group by expanding the plus icon. Fine-grained detail on each message flow can be revealed by expanding subsequent plus icons. Column definitions for the fine-grained view can be found by mousing over column headers. This data shows you exactly how email streams that are using your domains are being perceived by email receivers.

If you’re new to dmarcian, give the Threat/Unknown tab a once over and let dmarcian know if you find a source of email that is known to you. We’ll investigate the source and add it to our rules. Once added, the source of email will no longer appear in Threat/Unknown, making ongoing management of DMARC compliance easier.

You can end your introduction to dmarcian by revisiting the Source Viewer tool and discovering which sources need help with DMARC compliance. By clicking on the green or yellow background SPF/DKIM percentages, you’ll see a popup that provides notes on how to configure the source to become DMARC compliant.

Once your sources of email are >98% compliant with DMARC, you’ll be ready to publish a more stringent DMARC policy.