Albaspot Albaspot
Features Pricing Tools Blog Docs About FAQ Contact
Sign in Get started
All features

DMARC Management Platform for MSPs

Protect every client domain from email spoofing and phishing. Deploy SPF, DKIM, and DMARC policies across your entire portfolio — and move every client to full enforcement with a guided, risk-free process.

p=none → p=reject wizardAggregate report parsingMulti-domain dashboardCompliance reportingEmail authentication monitoring

BUILT FOR MSPS

Everything a multi-tenant DMARC platform needs

Generic DMARC tools are designed for a single organization managing their own domain. Albaspot scales across dozens or hundreds of client domains without multiplying your workload.

01

Multi-tenant dashboard

See every client's DMARC posture, policy level, and pass rate from one view — no switching between accounts.

02

Guided policy enforcement

Move clients from p=none monitoring to p=reject enforcement safely, with data-driven recommendations so you never break legitimate email.

03

Aggregate report parsing

DMARC RUA reports are parsed automatically. No more downloading XML files — just dashboards and per-source breakdowns.

04

Proactive alerting

Get notified when pass rates drop, policies change unexpectedly, or new unknown senders appear — before your clients notice a problem.

05

SPF & DKIM health checks

Email authentication requires SPF, DKIM, and DMARC working together. Albaspot monitors all three and flags misalignments.

06

Full audit trail

Every policy change, DNS update, and alert is logged with timestamps and actor — ready for client reports or compliance audits.

POLICY MANAGEMENT

DMARC policy monitoring and management

DMARC aggregate (RUA) reports are parsed automatically as they arrive. Each domain gets a dashboard showing pass/fail rates, volume over time, and a breakdown of sending sources.

The policy recommendation engine evaluates your current report data and suggests whether to move from p=none to p=quarantine or p=reject. Apply the recommendation directly to the DNS record without leaving the platform.

  • Policy wizard walks through each enforcement stage
  • Apply DNS changes directly from the policy recommendation
  • Toggle auto-management to advance policy automatically
  • View full policy change history per domain
  • DNS health check shows current live DMARC record vs. what Albaspot expects
acmecorp.com — DMARC Policy
p=reject pct=100
98.2%
Pass rate
1,841
Msgs this week
32
Failures
clientsite.net — DMARC Policy
Recommendation available
p=none → Recommended: p=quarantine
Multi-domain comparison
Domain Policy Pass rate
acmecorp.com p=reject 98.2%
boldwidgets.io p=quarantine 94.7%
clientsite.net p=none 71.3%

INVESTIGATION TOOLS

Understand exactly who is sending on behalf of your clients

SENDER PROFILES

Approved senders

Track the known legitimate email senders for each client domain — Google Workspace, Mailchimp, HubSpot, etc. Auto-discover identifies sending sources from report data. For each source you can record the ASN, expected mail volume, and approval status.

  • Auto-discover senders from DMARC report data
  • Refresh ASN information per sender
  • Mark senders as approved or unknown

FAILURE INVESTIGATION

Diagnose failures fast

The failures view shows messages that failed DMARC alignment — by source IP, sending domain, and volume. Useful for identifying sources that are sending on behalf of your clients without correct SPF or DKIM alignment.

  • Filter failures by date range and domain
  • See source IP and sending volume per failure group
  • Export DMARC report data as CSV

ALERT RULES

Configurable alerts for every trigger

Set up alert rules that trigger when DMARC pass rates drop below a threshold, when a policy changes, or when new unknown senders appear. Alerts can notify your team via email or webhook.

Pass rate drops below threshold
Policy changed to a lower enforcement level
New unknown sender detected in reports

COMPLIANCE

DMARC is now a compliance requirement

DMARC is explicitly referenced in major compliance frameworks. If your clients operate under any of the following, DMARC enforcement is expected or required.

PCI DSS 4.0

Requirement 5.4.1 formally includes DMARC as part of anti-phishing controls. Required for any MSP or client processing payment card data.

NIS2 Directive

EU network and information security directive requires organizations to implement technical measures against email-based threats including spoofing.

ISO/IEC 27001

Email authentication controls support Annex A.8 requirements for protecting information systems from external threats.

HIPAA

DMARC report history and enforcement documentation provides verifiable evidence of technical email security controls for HIPAA risk assessments.

MSP REVENUE OPPORTUNITY

DMARC as a recurring managed service

DMARC is technically complex for most businesses to configure and maintain — making it a natural managed service offering. MSPs routinely bundle DMARC setup, monitoring, policy advancement, and quarterly reporting into a monthly recurring service.

01

Recurring monthly revenue

Per-domain or per-client pricing that scales predictably with your MSP as you onboard new clients.

02

Fast client onboarding

Add a new client's domains and start monitoring in minutes. The policy wizard guides the enforcement process.

03

Client-ready reporting

Show measurable security outcomes — pass rates, enforcement progress, threats blocked — at every QBR.

Email security across every client domain

Deploy DMARC, advance enforcement safely with the policy wizard, and bill it as a recurring managed security service.

Start free trial See pricing

DMARC monitoring starts at $39/month. See full pricing →