DMARCbis-ready · The 2026 standard

DMARC Simplified

Plain-English email security, with the full forensic detail one click away, for the day you need to dig in.

Run a free audit of your domain.
Free · No sign-up · Results in seconds
The senders in your reports, named
SendGridPostmarkMailchimpGoogle WorkspaceMicrosoft 365Amazon SESMailgunKlaviyoSalesforceStripePayPalLinkedInZohoAtlassianGitHubIntuitBrevo
The part you never see

Right now, anyone can send email as your domain.

Unless an enforced policy stops it, that forged mail is delivered. It gives itself away in one place: the authentication data receivers already collect.

You cannot stop
what you cannot see.
What receivers check

Two messages claim to be you.

One is real. One is not.
your newslettersent by your ESP"your invoice"sent by an unknown IPSPFDKIMALIGNMENTYOUR POLICYp=rejectwhere we get youfailreturn pathpassalignedfailfailunalignedrejected before deliverydelivered
The daily digest

What surfaces back.

Sixty seconds each morning. No console to monitor.

TrustYourInbox <digest@trustyourinbox.com>acme.com this week: spoofing blocked, one thing to review
Your mail is protected. One thing needs attention.
1,240fakes blocked
98%passed, up 2 points
New sender detected on acme.com

Looks like Mailchimp. Confirm it is yours and we will watch its alignment.

Review
One-click fixes attached · Reply to reach a human
Why teams pick us

Built for deliverability and security teams.

Focus on what actually matters.

60 sec
daily digest

A daily digest, not another dashboard.

Each morning, a prioritized summary of what changed and what needs action lands in your inbox, with one-click fixes attached. No console to monitor.

140+
sending vendors identified

Every sender identified by name.

Each sending IP is matched against a curated corpus of 4,000+ CIDR ranges, so reports name SendGrid, Postmark, and Mailchimp instead of raw ASNs. New vendors are added as we identify them.

1 click
to reach enforcement

One-click DMARC enforcement.

Advance from p=none to quarantine to reject in a single click. We write the change straight to Cloudflare or AWS Route 53 after a five-minute delay, with an emailed record and a 24-hour undo.

How it works

Three steps. Most people are done in under five minutes.

STEP 01

Add your domain.

Verify ownership with a single TXT record. We give you a unique address to paste into your DMARC record's rua= tag. That is the entire setup. No agent, no SMTP relay, no DNS handover.

_dmarc.acme.com  TXT   v=DMARC1; p=none; rua=mailto:acme-7f3k@rua.trustyourinbox.com
STEP 02

Reports start arriving.

Within a day of mail moving through Gmail, Microsoft, and Yahoo, the first reports show up. We parse the XML, match every source IP to a known vendor, and surface alignment numbers per sender.

google.com  1,872 msgs  98% aligned ·  outlook.com  643 msgs  96% aligned
STEP 03

We tell you what's broken.

Daily digest summarizes anomalies. When you are ready to step from p=none to p=quarantine, we tell you which legitimate senders would get blocked and offer a one-click fix that writes the DNS change after a five-minute delay, with a 24-hour undo.

acme.com is ready for p=quarantine  →  Fix this ·  undo anytime for 24 hours
Alerts in Slack
Fix DMARC issues from Slack.

Connect Slack and the alerts that matter land in your channel. When an issue is one-click-fixable, approve the DNS fix right from the message, no app switch.

TrustYourInboxApp9:41 AM

acme.com is not protecting your domain

No DMARC policy is published, so anyone can send mail as your domain. Publishing a record starts the clock on reports and protection.

Fix thisView domain
For your AI assistant
Ask your DMARC data anything.

Connect Claude, Cursor, or any MCP client to your workspace and ask in plain English. It reads your real reports and answers with clean tables and summaries, the same numbers you see in the app.

Your AI assistantExample

Is acme.com being spoofed? Was I protected last week?

Yes, and receivers report they blocked all of it. Here's last week for acme.com:

Spoofed messages blocked1,240
Delivered anyway0
Top sourceRussia

You're fully protected, receivers rejected every spoofed message before delivery.

Watch your first domain.
Free.

Set up in five minutes. Daily digest. One-click fixes when something breaks.