DMARQ

Account and Access Milestone

Product readiness for authentication, workspace RBAC, billing ownership, provider lifecycle, enterprise provisioning, and audited support access.

Loading account readiness...

General

Basic application settings

DMARC Policy Defaults

Default values applied when adding a new domain

DNS Resolver

Choose how DMARQ resolves DNS records for domain lookups

DNS Provider Connectors

Connect provider accounts to verify domain ownership, import DNS zones, and feed safe repair previews. DNS write access remains a separate human-approved step.

Cloudflare OAuth

Connected with scoped access. Ready to connect with read-only zone and DNS access. Configure Cloudflare OAuth client credentials on the server to enable one-click connect.

Request scopes:

Cloudflare client permissions:

Granted scopes:

Provider Domain Discovery

Find DNS zones and import them into DMARQ before reports arrive.

Mail Service Imports

Discover verified sender domains from mail delivery services before DMARC reports arrive. Postmark uses an account token with read-only sender-domain discovery in DMARQ.

Verified Sender Domains

Preview Postmark domains and import them into DMARQ for DNS linting and monitoring.

Forensic Reports

Control privacy for forensic report metadata

Notifications

Send alerts through Apprise-compatible targets

Alert Rules

Summary Notifications

Alert History

Configuration Audit

Webhooks

Send signed operational events to downstream systems

Name URL Events Status Last Result

Recent Deliveries

AI and Agent Automation

Opt-in summaries, read-only MCP access, and human-confirmed proposal controls

AI and MCP features are disabled by default. Safe context always redacts secrets and tokens before it can be shared with model or agent surfaces. PII redaction is controlled below.

Mail Sources

IMAP, POP3 and Gmail API inbox credentials are managed on the dedicated Mail Sources page.