Free Tool
Once DMARC is set up, mail providers start emailing you daily XML “aggregate reports” — dense, machine-readable, and nearly impossible to read by hand. Drop them here for a plain-English summary of who's sending mail as your domain and what's getting through. No upload, no account, no sales sequence.
Drop DMARC report files here, or click to choose
.xml, .xml.gz, or .zip — drop the whole batch at once. Processed entirely in your browser.
What this tool does
DMARC aggregate reports are dense XML built for machines. Drop them in — one or a whole batch — and get totals, pass/fail rates, and a ranked list of every source sending as your domain.
Which legitimate senders are aligned, which sources are failing, and which look like spoofing attempts your policy stopped. The DKIM selectors in use, too — handy for the records checker.
These reports expose your sending IPs and mail setup. So there's no upload — every byte is decompressed and analyzed on your own device. We never see your reports.
Why read them at all
Publishing a DMARC record turns on reporting. Within a day, receivers start sending you aggregate reports showing every source that sent mail claiming to be your domain — legitimate apps you forgot about, marketing platforms, and the occasional spoofing attempt.
That data is how you safely move from p=none (monitoring) to p=quarantine or p=reject (enforcement) without accidentally blocking your own newsletters or invoices. But almost nobody reads them, because raw DMARC XML is miserable. This makes it readable.
Pair it with the records checker — check your DNS before setup, read your reports after.
If you'd rather not
Email authentication setup includes a monitoring period where we watch the reports, confirm every legitimate sender is aligned, and only then tighten the policy to enforcement. You don't have to become a DMARC expert — that's our job. Free one-hour consultation to start.