Overview
Overview
What is DMARC+?
DMARC+ is Hunto's email authentication and monitoring platform. It helps you protect your domains from email spoofing, improve deliverability, and get full visibility into who is sending email on your behalf.
At its core, DMARC+ builds on three email security standards:
| Standard | What it does |
|---|---|
| SPF (Sender Policy Framework) | Specifies which mail servers are authorised to send email from your domain |
| DKIM (DomainKeys Identified Mail) | Adds a cryptographic signature to emails to prove they haven't been tampered with |
| DMARC (Domain-based Message Authentication) | Ties SPF and DKIM together with a policy that tells receivers what to do with unauthenticated emails |
DMARC+ adds reporting, analysis, and guided remediation on top of these standards — so you don't just see what's happening, you know what to do about it.
Why email authentication matters
Email is the most commonly exploited attack vector in business. Without authentication:
- Anyone can send email that appears to come from your domain
- Your customers and partners can receive convincing phishing emails that look like they came from you
- Your legitimate emails may be rejected by recipients because there's no proof they're real
DMARC+ protects your domain in both directions:
- Outbound: ensures your own emails are authenticated and delivered
- Inbound: blocks attackers from impersonating your domain
What DMARC+ gives you
Domain visibility See every source sending email from your domain — your own mail servers, third-party services (Mailchimp, Salesforce, Zendesk), and any unauthorised senders you didn't know about.
Authentication monitoring Track SPF and DKIM pass/fail rates across all sending sources in real time.
DMARC policy management Progress from a monitoring-only policy (p=none) to full enforcement (p=reject) with confidence, using DMARC+ data to guide each step.
Reporting and alerts Receive aggregate and forensic DMARC reports processed into readable dashboards — no raw XML required.
SPF Explorer Visualise and validate your SPF record, spot errors, and see exactly which services are authorised.
BIMI readiness Once you reach full DMARC enforcement, DMARC+ helps you set up BIMI — displaying your verified logo in supporting email clients.
Getting started
If you're new to email authentication, work through these steps:
- Understand the standards — Read What is SPF?, What is DKIM?, and What is DMARC?
- Check your current state — Use the DMARC+ Dashboard to see your existing authentication posture
- Fix SPF issues — Use the SPF Explorer to validate and clean up your SPF record
- Move to enforcement — Progress from
p=none→p=quarantine→p=rejectas your authentication improves - Enable BIMI — Once at
p=reject, set up your verified logo
The authentication journey
Most organisations start with no DMARC policy (or p=none) and work toward full rejection. The typical path:
| Stage | DMARC Policy | What it does |
|---|---|---|
| Monitoring | p=none |
Collect data only — unauthenticated emails still deliver |
| Quarantine | p=quarantine |
Unauthenticated emails go to spam |
| Enforcement | p=reject |
Unauthenticated emails are rejected outright |
| BIMI | p=reject + VMC |
Your logo displays in supporting email clients |
Use the DMARC+ Dashboard to monitor your authentication rates before moving each stage forward. Don't advance to p=reject until your legitimate email is passing authentication at 95%+.