The Explorer lets you browse DMARC report rows across all reports for a domain at once, with powerful filtering and date range selection.

While the Reports page shows you individual reports one at a time, the Explorer gives you a unified view over all the rows contained in reports for the selected period.

To get started, navigate to a domain’s DMARC tab and choose Explorer from the navigation menu to get started.

After you’ve identified a row of your interest, hover over underlined texts to view tooltips with additional information, or click on a row to open the corresponding DMARC report with the selected row automatically filtered.

DMARC explorer page

Typical usage

Finding rejected or quarantined mail: set the disposition filter to Quarantine or Reject to see exactly which messages got blocked and from where. This is useful when recipients report missing emails, or when you’re tightening your DMARC policy and want to understand the impact before enforcing it.

Investigating a DKIM selector: if you spot an unfamiliar selector in the DKIM selectors overview, filter by it in the Explorer to see exactly when it was used, which sources produced it, and what the overall DMARC result was, helping you determine whether it’s still active or can safely be retired.

Tracing failures from a specific IP: if you notice an unfamiliar source in the dashboard, filter by its Source IP to isolate all the rows it produced and see whether they’re passing or failing authentication.

Filtering

By default, the Explorer shows the most recent data from the last 7 days. Use the date picker at the top to pick a different date range using the calendar.

Click Add filter to narrow down the results. Filters are organized into four sections:

  • DMARC: filter by DMARC result (pass/fail), disposition (none, pass, quarantine, reject), SPF alignment, and DKIM alignment.
  • SPF: filter by SPF authentication result or domain.
  • DKIM: filter by DKIM authentication result, domain, or selector.
  • Identifiers: filter by Envelope To, Envelope From, Header From, or Source IP.

For free-text fields (domains, selectors, IP addresses, email addresses), the Explorer suggests values based on the data in the selected date range. You can also type any value manually and apply it directly.

All filters, including the date range, are stored in the URL, so you can share a filtered view with a direct link.

Reading the results

Each row in the Explorer shows:

  • Source: the sending mail server’s IP address, hostname, and identified source name.
  • Period: the date range covered by the originating DMARC report.
  • Identifiers: the email identifiers reported (Envelope From, Header From, Envelope To).
  • SPF: the SPF authentication result and alignment status.
  • DKIM: the DKIM authentication results and alignment status.
  • DMARC: the overall DMARC pass/fail result.

Click any row to open the originating DMARC report and see the full details.