Monitor who's sending email on behalf of your domain. Catch spoofing. Stop phishing.
Deploy Parse DMARC to your favorite cloud provider with one click:
| Provider | Deploy | Notes |
|---|---|---|
| CapRover | Self-hosted PaaS | |
| Coolify | Open-source Heroku alternative | |
| Dokploy | Self-hosted deployment platform | |
| Docker | Run anywhere |
| Provider | Deploy | Notes |
|---|---|---|
| DigitalOcean Droplet | VM with Packer image |
Note: All deployments require IMAP credentials. See Configuration for details on setting up Gmail, Outlook, or other email providers.
DMARC (Domain-based Message Authentication, Reporting & Conformance) helps protect your domain from email spoofing and phishing. When you enable DMARC on your domain, email providers like Gmail, Outlook, and Yahoo send you aggregate reports showing:
The Problem: These reports arrive as compressed XML attachments in your inbox - nearly impossible to read or analyze manually.
The Solution: Parse DMARC automatically fetches these reports from your inbox, parses them, and displays everything in a beautiful dashboard. All in a single 14MB Docker image.
brew tap meysam81/tap
brew install parse-dmarc
docker pull meysam81/parse-dmarc
Download pre-built binaries from the Releases page.
This is the most important step! Without this, you won't receive any reports to analyze.
Add a DMARC TXT record to your domain's DNS:
Name: _dmarc.yourdomain.com
Type: TXT
Value: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com
What this means:
p=none - Monitor only (don't block emails yet)rua=mailto:dmarc@yourdomain.com - Send aggregate reports to this email addressImportant: Replace dmarc@yourdomain.com with an actual email inbox you control. This is where Gmail, Outlook, Yahoo, etc. will send your DMARC reports.
DNS Examples:
_dmarc, Content: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com_dmarc, Data: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com_dmarc.yourdomain.com, Value: "v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com"Reports typically start arriving within 24-48 hours.
Run the container:
docker run -d \
--name parse-dmarc \
-p 8080:8080 \
-e IMAP_HOST=imap.gmail.com \
-e IMAP_PORT=993 \
-e IMAP_USERNAME=your-email@gmail.com \
-e IMAP_PASSWORD=your-app-password \
-v parse-dmarc:/data \
meysam81/parse-dmarc
For Gmail users: You'll need an App Password, not your regular Gmail password.
Access the dashboard: Open http://localhost:8080 in your browser.
Once DMARC reports start arriving and Parse DMARC processes them, your dashboard will show:
This helps you:
p=none) to enforcement (p=quarantine or p=reject)Gmail:
{
"host": "imap.gmail.com",
"port": 993,
"username": "your-email@gmail.com",
"password": "your-app-password",
"use_tls": true
}
Requires App Password
Outlook/Office 365:
{
"host": "outlook.office365.com",
"port": 993,
"username": "your-email@outlook.com",
"password": "your-password",
"use_tls": true
}
Generic IMAP:
Most providers use port 993 with TLS. Check your provider's documentation.
# Fetch once and exit (useful for cron jobs)
docker exec parse-dmarc ./parse-dmarc -fetch-once
# Serve dashboard only (no fetching)
docker exec parse-dmarc ./parse-dmarc -serve-only
# Custom fetch interval (in seconds, default 300)
docker exec parse-dmarc ./parse-dmarc -fetch-interval=600
Q: I'm not receiving any reports. What's wrong?
A: Check these things in order:
_dmarc TXT record to your DNS? (Use a DNS checker like dig _dmarc.yourdomain.com TXT)config.jsonQ: Do I need SPF and DKIM set up first?
A: No! DMARC reports will show you whether SPF and DKIM are passing or failing, which helps you configure them correctly.
Q: What should my DMARC policy be?
A: Start with p=none (monitoring only). After reviewing reports and fixing any issues, gradually move to p=quarantine and then p=reject.
Q: How much email traffic do I need?
A: Any amount works. Even small domains with a few emails per day will receive useful reports.
Q: Can I use a Gmail account to receive reports?
A: Yes! Create a dedicated Gmail like dmarc@yourdomain.com, forward it to your personal Gmail if needed, and use Gmail's IMAP settings.
git clone https://github.com/meysam81/parse-dmarc.git
cd parse-dmarc
just install-deps
just build
./bin/parse-dmarc -config=config.json
See compose.yml for Docker Compose configuration.
GET /api/statistics - Dashboard statisticsGET /api/reports - List of reports (paginated)GET /api/reports/:id - Detailed report viewGET /api/top-sources - Top sending source IPsGET /metrics - Prometheus metrics endpointParse DMARC includes production-ready Prometheus metrics for monitoring and alerting. Metrics are enabled by default and exposed at /metrics.
| Metric | Type | Description |
|---|---|---|
parse_dmarc_build_info |
Gauge | Build information (version, commit, build_date) |
| Metric | Type | Description |
|---|---|---|
parse_dmarc_reports_fetched_total |
Counter | Total DMARC report emails fetched from IMAP |
parse_dmarc_reports_parsed_total |
Counter | Total DMARC reports successfully parsed |
parse_dmarc_reports_stored_total |
Counter | Total DMARC reports stored in database |
parse_dmarc_reports_parse_errors_total |
Counter | Total parse errors |
parse_dmarc_reports_store_errors_total |
Counter | Total storage errors |
parse_dmarc_reports_attachments_total |
$ claude mcp add dmarcguard \
-- python -m otcore.mcp_server <graph>