Someone Is Sending Emails
On Your Behalf.
Would You Know?
Continuous DMARC monitoring. Unlimited multi-domain support. Hosted in Quebec, billed in CAD.
Anyone in the world can send an email signed ceo@yourcompany.com — as easily as writing a fake return address on an envelope. Without monitored DMARC, two things happen simultaneously: your legitimate emails land in spam, and fraudsters impersonate your brand while you’re busy doing something else. 10RUPTiV DMARC gives you visibility — whether you manage 1 or 200 domains, with no surprises on your invoice.
Every day, anyone can impersonate your domain. This is the operating model behind over 90% of Business Email Compromise (BEC) incidents — the most expensive form of email fraud in the world according to the FBI.
Most companies are flying blind: no visibility into who sends mail on their behalf, no alerts when a DNS record breaks, no way to understand why an important email was rejected by a major customer.
💸
188,000 CAD
Average loss per BEC incident (FBI IC3 2024, ≈137,000 USD converted).
The classic scenario: your customer receives an “urgent invoice” signed with your name, pays the fraudster, and you find out three weeks later through an angry phone call.
DMARC without monitoring is like having a disconnected security camera: it looks good, but it doesn’t protect anything.
The Entire Email Chain in One Dashboard
🛰️
Sovereign DMARC Report Collection
No U.S.-based SaaS sitting between Google/Microsoft and your reports.
Local SMTP intake + dedicated mailbox. Parser compatible with 30+ providers (Google, Microsoft, Yahoo, Mimecast, Amazon SES, Cisco IronPort…), automatic deduplication, authentication-tier classification (A/B/C). Automatic shadow IT detection: Mailchimp, Klaviyo, HubSpot signing emails on your behalf without IT knowing.
🩺
Health Score — The Entire Stack, Every Day
Not just isolated DMARC checks.
Daily revalidation across the full authentication stack:
SPF
DKIM
DMARC
MTA-STS
TLS-RPT
Alignment
Every layer monitored, scored, and historized. A regression? You know that same morning.
🚨
Named, Contextual Alerts
Not just “something is wrong.”
Five distinct triggers: volume_collapse (ISPs blacklisting), dns_authorization_dropped (record modified), reporting_silence (major reporters go silent = deliverability drop), parse_failure_rate, inbox_backlog.
Built-in anti-poisoning: only Tier A reports feed the baseline.
🔍
Free Public Audit — 30 Seconds
Zero friction. Zero signup.
Enter a domain name and get a complete report. Useful before a sales call, for evaluating a vendor, or testing your own infrastructure. Consent-based audit trail (LCJTI / Law 25 compliant).
What We Actually Monitor
Not just DMARC. The entire authentication chain, continuously.
| Layer | Standard | What we detect |
|---|---|---|
| 🛡️ SPF | Sender Policy Framework | Missing records, broken syntax, >10 lookups, ~all vs -all |
| 🔐 DKIM | Cryptographic signatures | Active selectors, expired keys, insufficient key length |
| 📜 DMARC | Policy + alignement | Active policy, downgrade from p=reject → p=none, missing rua= |
| 🔒 MTA-STS | Enforced delivery TLS | enforce/testing/none modes, MX consistency |
| 📡 TLS-RPT | TLS downgrade reporting | Downgrade attacks, invalid certificates |
| 🎯 Alignment | From ↔ d= ↔ MAIL FROM | Strict / relaxed misalignment |
| 📈 Volume & Reporting | Deliverability signals | volume_collapse, reporting_silence, dns_authorization_dropped |
| 🌐 Subdomains | Automatic inventory | Active subdomains without dedicated policy |
How It Works
1️⃣
Automatic Enrollment
No adding domains one by one.
Give us your domain list — we take over. Only one DNS change required: point your rua= and ruf= records to our collectors. Newly detected domains are automatically enrolled.
2️⃣
Continuous Collection and Validation
While you sleep.
Reports parsed into PostgreSQL (partitioning designed for millions of records/month), DNS revalidated daily, active subdomains detected, DKIM selectors catalogued automatically.
3️⃣
Visibility, Alerts, Action
Per-domain dashboard + actionable named alerts.
Legitimate sources, impersonation attempts, domain scores, active subdomains, detected DKIM selectors. Direct access to 10RUPTiV expertise when things get complex — no abandoned red charts.
115+
Domains monitored in production
30+
Supported reporting providers
100%
Daily DNS revalidation
0
Foreign dependency
5 alert types · Authentication-tier anti-poisoning · LCJTI / Law 25 / GDPR compliance
Why 10RUPTiV DMARC
✔️
Canadian Sovereignty.
Hosted in Quebec. Compliant with LCJTI, Law 25, GDPR. Your DMARC reports never cross borders.
✔️
Continuous Monitoring
Daily revalidation and real-time alerts. Not just a monthly PDF export that tells you three weeks later that a domain has been broken
✔️
Designed and Operated by 10RUPTiV
Not a third-party reseller. You speak directly with the team that built the code.
✔️
Unlimited Multi-Domain Support
Monitor 1 or 200 domains for the same price. No per-domain pricing, no surprise tiers.
✔️
Complete Coverage Across the Entire Chain
SPF, DKIM, DMARC, MTA-STS, TLS-RPT, alignment, and subdomains. Not just an isolated DMARC check.
Pricing Comparison
70–200 CAD per domain / month
Fixed pricing in CAD
Trois scénarios qu'on règle chaque semaine
Shadow IT
Unauthorized tools discovered within 48 hours
“We discovered that marketing was using Mailchimp, HubSpot, and Klaviyo — none of them were configured in our SPF. Three weeks later, everything was cleaned up.”
DMARC reveals every tool sending emails on your behalf — authorized or not.
BEC Prevention
Fraud attempt detected before the invoice was paid
“A fraudster using ‘accounting@ourbrand.ca‘ was sending fake invoices from a Romanian VPS. The dns_authorization_dropped alert woke us up before the first customer paid.”
DMARC stops brand impersonation before it reaches your customers.
Deliverability
Email delivery issues fixed with a major client
“Our emails were landing in spam at Desjardins. Within a day, we discovered it was an expired DKIM selector on our CRM.”
DMARC explains why your emails stop getting delivered — down to the exact layer causing the issue.
Is Your Domain Actually Protected — or Just Configured?
There’s a difference between having a DMARC record and knowing it’s doing its job. Most organizations stay at p=none (monitoring mode) and never move to quarantine or reject — because nobody reads the reports.
Meanwhile, fraudsters keep sending emails in their name.
Hosted in Quebec · Fixed pricing in CAD · Unlimited multi-domain support · No surprises on your invoice