DMARC reports decoded. See every sender, catch every spoof, enforce with confidence.
Protecting 500+ domains from spoofing · 🇱🇺 EU-based · GDPR-native
Pass Rate
97.3%
↑ 2.1% vs last week
Policy
quarantine
pct=100 · 4 domains
Senders
12
⚠ 1 unauthorized
Pass rate — last 30 days
Sending Sources
Google Workspace
209.85.220.x
Mailchimp
198.2.134.x
Unknown
185.220.101.x
💡 Ready to advance to p=reject — pass rate above 95% for 14 consecutive days. No unauthorized senders.
And most organizations don't know they're exposed — because DMARC data is unreadable noise.
Attackers use your domain to send phishing emails to your customers. Without DMARC enforcement, you're powerless to stop it. 80% of domains are still at p=none.
80% of domains are at p=none — zero protection
Google and Microsoft send daily XML reports. Thousands of rows. No human reads them. You have zero visibility into who's sending from your domain.
Raw XML you can't act on isn't data — it's noise
Moving from p=none to p=reject is a multi-step process. Most IT teams get stuck at monitoring forever — afraid to break email deliverability.
Without guidance, enforcement never happens
No guesswork. No stuck-at-p=none. A clear path to enforcement.
Enter your domain and set the rua= address in your DNS. Takes 5 minutes. We give you the exact record to copy-paste.
Google, Microsoft, and every email provider start sending DMARC reports to us. We parse, enrich, and make them human-readable.
We tell you exactly when you're ready to advance. From p=none to p=reject, step by step, zero guesswork.
Built for security practitioners, not compliance checkbox-ticklers.
Pass rate trends, volume by day, source breakdown. Know your email health at a glance — not buried in XML.
Every IP enriched with ASN, geo, PTR, abuse flags. Know instantly if it's Google Workspace, Mailchimp, or a phishing botnet.
Step-by-step path from p=none to p=reject. We tell you exactly when it's safe to advance and give you the DNS record to publish.
New unauthorized sender? Fail rate spike? Policy change? Know immediately via email or webhook.
Integrate DMARC data into your SIEM, security stack, or custom dashboard. Full API + webhooks + Sanctum token auth.
Invite your security team, set roles (admin/member/viewer). One dashboard for all your domains.
Unlike generic DMARC tools that show only pass/fail numbers, SpoofHunter connects your report data with Digital Risk Protection intelligence. We correlate DMARC data with known threat actors, active phishing campaigns, and domain abuse patterns.
Lookalike domain detection
See domains registered to impersonate you, before they launch phishing campaigns.
Threat actor correlation
Match unknown senders to known phishing infrastructure.
Brand abuse monitoring
Monitor your brand across the internet — not just your DMARC reports.
"I spent 20 years building the DNS infrastructure that email runs on. I've seen every DMARC tool miss the connection between authentication data and real brand threats."
Anouar Adlani
Founder · Group CTO, EBRAND · Former CTO, EuroDNS
20yrs
DNS infrastructure
X-RAY
DRP platform
EU
GDPR-native
Flat pricing for MSPs. Fair pricing for teams. Start free, no credit card.
Free
Forever free · no credit card
Starter
For small IT teams
Pro ⭐
For growing teams
Business
For MSPs & enterprises
All plans include a 14-day free trial. No credit card required. Compare all features →
⚠️ [REPLACE WITH REAL TESTIMONIALS BEFORE LAUNCH]
"We went from p=none to p=reject in 6 weeks. SpoofHunter showed us exactly which senders were failing and when it was safe to enforce. No other tool made it this clear."
Head of IT
Financial Services, 250 employees
"Managing DMARC for 80 clients used to be a nightmare. With SpoofHunter's portfolio dashboard, I can see every domain's health in one view. SpoofHunter's MSP pricing actually makes sense."
MSP Owner
IT Services, 80+ managed clients
"The DRP intelligence layer is what sets this apart. We caught a phishing campaign targeting our customers because SpoofHunter flagged the sending IP as known malicious infrastructure."
Security Lead
E-commerce, 500 employees
Everything you need to know about SpoofHunter — and why email spoofing is a threat you can actually stop.
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol. It tells email providers what to do when someone sends email pretending to be from your domain. Without enforcement, attackers can send phishing emails that appear to come from you. Google and Yahoo now require DMARC for bulk senders.
Add a DMARC TXT record to your DNS. We give you the exact record to copy-paste — including your unique rua= address that routes reports directly to SpoofHunter. Takes about 5 minutes. Reports start arriving within 24-48 hours.
SpoofHunter processes DMARC aggregate reports — sending IP addresses, pass/fail counts, and policy information. No email content, no subject lines, no personal data. All data is stored on EU-based infrastructure (Hetzner Germany). We are GDPR-compliant and can provide a DPA for enterprise customers.
Yes. Starter includes 5 domains, Pro includes 20, and Business includes unlimited. MSPs can manage all client domains under a single dashboard with portfolio billing — no per-domain pricing that destroys your margins.
Yes, on the Business plan. MSPs can remove SpoofHunter branding, use a custom domain, and generate client-branded reports. Full white-label API for domain registrars is also available — contact us for a partnership discussion.
SpoofHunter immediately notifies you when a new unauthorized sender is detected. You'll see the IP, country, ASN, PTR record, and abuse reputation data. You can classify it as authorized or unauthorized — and our recommendation engine will update your enforcement guidance accordingly.
Free plan. No credit card. Your domain's first DMARC report is waiting.
Start hunting freeJoin teams protecting 500+ domains · EU-based · GDPR-native