I've had the RUA tag populated in my DNS records from my mail server for a few years now and I have an email filter set up that dumps all of the DMARC reports into an email folder that I never look at. Right now it has over 4,000 of these emails and I thought maybe it was a good idea to make sure that our DMARC posture was good.
Rather than evaluate all the reports, I decided to quickly throw together a tool that will allow you to evaluate them and this is what I came up with.
It provides four different metrics by which it measures the effectiveness of your policy and it tells you if anything is incorrectly configured and what you should do about it. It is especially focused on evaluating the configuration of Office 365 mail servers, purely out of my own necessity, but it will work with any mail server. The most useful way to use it is to export a folder full of DMARC reports as a PST file and then upload them to the tool.
I vibe coded this with Codex in Visual Studio Code and then I had Gemini Pro take a pass at it to clean it up. I used Grok 4.20 as a third voice to ensure that I wasn't getting too pigeon-holed by the perspective of the two LLMs I was using.
I have this other tool that I built called a round table, which enables you to easily ask multiple LLMs a question and then take their responses to build a prompt that you then get all of the LLMs to respond to. Through this iterative process they converge towards an ideal across all of the various perspectives that the LLMs hold.
