Frequently asked questions

Albaspot is a domain, DNS, DMARC, and website management platform built specifically for Managed Service Providers. It lets you manage all your clients' domains, DNS zones, email security records, SSL certificates, and hosted websites from a single dashboard — without switching between registrar portals, DNS consoles, and separate DMARC tools.

Albaspot is built around the MSP team model, not a flat registrar account. Every domain is associated with a client, not just a folder or label. You get DMARC monitoring, DNS record management, SSL expiry tracking, and website hosting all in one platform — plus a client portal so your clients and their developers can self-serve where appropriate.

Yes. Each client gets their own login to the Albaspot client portal. They can view and manage only their own resources — domains, DNS records (role-dependent), DMARC reports, and websites. There is full isolation between clients. They cannot see any other client's data.

Yes. Clients can invite their own team members to their client portal. Developers can be given DNS record write access for their specific domains. Marketing users can get read access to DNS health and DMARC pass/fail summaries without being able to modify any records. Each role is separate and scoped to that client only.

Albaspot supports A, AAAA, CNAME, MX, TXT, SRV, CAA, and NS records. You can create, edit, and delete records individually, and apply pre-built templates for common setups like Google Workspace, Microsoft 365, or DMARC enforcement. Record changes are logged with a full change history.

Albaspot parses DMARC aggregate (RUA) reports automatically as they are received. You get a per-domain dashboard showing pass/fail rates, sending source breakdown, and policy status. The platform can recommend policy changes (from p=none to p=quarantine to p=reject) based on the report data, and apply them directly to the DNS record. You can also compare DMARC posture across all client domains in a single view.

Yes. Domain monitoring continuously watches DNS records for changes. If a DMARC policy drops from p=reject to p=none, or an SPF record is modified, you receive an alert. You can configure monitoring per domain — including alert thresholds, notification preferences, and monitoring schedules.

Team members are added through the Members section. There are three internal roles: Owner (full admin access including billing), Admin (full operational access), and Member (scoped access). You can restrict Members to specific clients or resource types. Invitations are sent by email and expire.

Yes. Every create, update, and delete action is recorded in the activity log with the actor (MSP team member or client user), the resource changed, the timestamp, and the originating IP address. The log is viewable by the MSP team and, for their own actions, by client users in the client portal.

Yes. You can register new domains across 400+ TLDs on behalf of clients, or transfer existing domains into Albaspot. Clients can also initiate domain registrations or transfers themselves from the client portal, subject to the permissions you have set. Auto-renew and expiry alerts are available for all domains.

Albaspot provisions and manages websites through an integrated hosting layer with Cloudflare protection enabled by default on every site. You can set the PHP version, create and manage SFTP credentials, install SSL certificates, and browse or edit files directly in the platform. WordPress credential resets are also available. Each website is associated with a client.

Yes. SSL certificate expiry is monitored for all domains and websites in your account. You receive configurable advance warnings (for example, at 60, 30, and 14 days before expiry). SSL monitoring is part of the broader domain monitoring system, which also covers domain expiry and DNS changes.

Yes. DNS templates let you define a reusable set of DNS records and apply them to any domain. Templates are useful for standardising email provider configurations (MX, SPF, DKIM), common web hosting setups, or any record patterns you deploy repeatedly. Templates can be synced and applied from within the DNS management interface.

DMARC (Domain-based Message Authentication, Reporting, and Conformance) prevents spoofing and phishing from your clients' domains. Without it, anyone can send emails that appear to come from a client's domain — damaging their reputation and exposing them to liability. PCI DSS 4.0 now formally references DMARC, making it baseline security for any MSP serving clients with compliance requirements.

No — when done correctly. Albaspot uses a phased enforcement approach: start with p=none (monitoring only) to identify all legitimate sending sources, then advance to p=quarantine, then p=reject. The policy recommendation engine only suggests advancing enforcement when the data confirms it is safe.

Typically 2–4 weeks is enough to capture data from all major mail providers. Stay in monitoring until aggregate reports show no unexpected failing sources and your core business email achieves near-perfect alignment. Albaspot tracks this automatically across every client domain.

No. SPF and DKIM authenticate emails individually, but without DMARC there is no enforcement policy telling receiving mail servers what to do when authentication fails — meaning spoofed emails can still reach inboxes. DMARC adds the enforcement and reporting layer that makes email authentication actionable.

DMARC provides documented, verifiable evidence that your clients are actively protecting their email channels from spoofing. PCI DSS 4.0 formally includes DMARC. Your DMARC report history and enforcement progress serve as direct proof of technical controls during compliance audits.

Yes. MSPs bundle DMARC setup, ongoing monitoring, policy enforcement, and quarterly reporting into a managed security service. Because DMARC configuration is complex for most clients, it commands a monthly recurring fee. Albaspot lets you manage hundreds of client domains efficiently, keeping service margins strong.