New Insight Reports for Efficient Multi-Domain Management

Introduction

Managing multiple domains is a significant challenge for MSPs and IT teams. Monitoring email security across numerous domains often means sifting through individual reports and configurations, making it difficult to identify issues efficiently. Today, we're excited to announce two powerful new Insight reports designed specifically to streamline multi-domain management: Sender Compliance Report and SPF Record Checker.

Sender Compliance Report

The Sender Compliance Report provides a consolidated view of email senders across all your domains, making it easier to identify compliance issues at a glance:

1. Aggregated view: See all sending servers that send mail from your domains in one place.
2. Compliance metrics: Quickly identify senders with low compliance rates across your domains.
3. High/Low percentage indicators: Easily spot inconsistencies where a sender is compliant on some domains but not others – a key indicator of potential misconfiguration.
4. Detailed domain breakdown: Expand any sender row to see compliance metrics for each individual domain.

This report is particularly valuable for identifying:

• Misconfigured domains: When the same sender shows high compliance on some domains but zero on others, it often indicates a configuration issue on the problematic domains.
• Email forwarding services: Legitimate forwarding services typically show varying compliance rates, which is expected behavior and can be improved by ensuring all your services have DKIM enabled.
• Potential security issues: Unusual sending patterns or unexpectedly low compliance from known senders warrants investigation.

Time range selection allows you to analyse data over periods up to 90 days, giving you flexibility to focus on recent issues or examine longer-term patterns.

SPF Record Checker

The SPF Record Checker automatically analyses all SPF records across the domains (and subdomains) added to your account against RFC 7208 guidelines, providing:

1. Comprehensive validation: Detects issues like excessive DNS lookups, invalid mechanisms, and improper record structures.
2. DNS lookup count tracking: Immediately see which domains approach or exceed the critical 10-lookup limit.
3. Full lookup chain visualization: Expand any domain to see the complete chain of SPF includes and redirects.
4. Clear status indicators: Color-coded results make it easy to prioritize which domains need attention.
5. Parked domain awareness: Special handling for parked domains, ensuring appropriate SPF recommendations.

This report helps you prevent common SPF issues:

• Permerror failures: Catch domains that exceed the 10 DNS lookup limit before they start causing delivery problems.
• Mechanism errors: Identify invalid syntax in SPF records that could lead to unexpected results.
• Missing terminal mechanisms: Detect records without proper "all" mechanisms that may leave security gaps.
• Complex nested includes: Visualise how your SPF records interconnect across services and domains.

Why These Reports Matter

For MSPs and IT teams managing multiple domains, these reports deliver significant benefits:

1. Scale efficiently: Manage dozens or hundreds of domains without manually checking each one.
2. Reduce troubleshooting time: Quickly identify which domains need attention and why.
3. Improve security posture: Ensure consistent email security configurations across all domains.
4. Simplify client management: Generate clear evidence of email security status for client reporting.

Best Practices for Using These Reports

1. Regular auditing: Check VerifyDMARC Dashboard and Insights regularly, especially after configuration changes.
2. Focus on outliers: Pay special attention to senders with inconsistent compliance rates across domains.
3. Monitor DNS lookup counts: Keep all SPF records below 8 lookups to maintain a safety margin.
4. Add all subdomains: Remember that SPF is not inherited; explicitly add all subdomains to ensure complete coverage.
5. Automate monitoring: Use these reports alongside our parked domain management features for comprehensive domain oversight.

Getting Started

Both reports are available now in the Insights section of your VerifyDMARC dashboard. These preview features are included with all plans that support multiple domains.

By leveraging these new Insight reports, you can more effectively manage email security across your entire domain portfolio, saving time while improving security. VerifyDMARC continues to evolve with tools specifically designed for MSPs and teams managing multiple domains.

Get in touch if you have any feedback or suggestions!