DMARC-hark

Operations Workspace for DMARC Monitoring and Incident Response

SveltePythonClickHouseDocker ComposeEmail Security

Project Overview

DMARC-hark helps email and operations teams find DMARC risk quickly, investigate one domain deeply, and keep report ingestion running smoothly. It is built for day-to-day monitoring and incident response: fast overview first, then clear drill-down when something looks wrong.

Core Highlights

  • Fleet-level DMARC risk overview across all monitored domains
  • Single-domain investigation with pass/fail, sources, and failure trends
  • Practical guidance to prioritize risky sources and remediation
  • Live ingest status and run history for mailbox processing visibility
  • Docker Compose stack for quick setup and reproducible operations

Technical Stack

SveltePython APIClickHouseDocker ComposeNginx

Project Status

Active & Open Source
MIT Licensed
Built for Operator Workflows

Workspace Preview

DMARC-hark dashboard overview

Why Teams Use It

Fast

ClickHouse-backed analytics keep dashboards responsive, even when domain data grows.

Practical

Designed for daily operator workflows instead of vanity metrics and generic charts.

Actionable

Surfaces risky sources, explains why they matter, and points to clear next investigations.

Quick Start (Docker Compose)

# Windows PowerShell
Copy-Item docker.env.example docker.env

# Edit docker.env and set at least:
# IMAP_HOST
# IMAP_USER
# IMAP_PASS

docker compose --env-file docker.env up --build -d

# Dashboard: http://localhost:18080
# API: http://localhost:15000

Key API Endpoints

MethodPathDescription
GET/overviewFleet-level risk overview across domains
GET/domain/<domain>/summaryPass/fail, alignment, and policy coverage
GET/domain/<domain>/sourcesSending sources with per-source stats
GET/domain/<domain>/failuresFailure records, newest first
GET/domain/<domain>/trendDaily fail/total trend for charting
GET/ingest/statusCurrent ingest state and recent run history

Technical Notes

Architecture

  • • Frontend: Svelte interface for fleet and domain workflows
  • • Backend: Python API for summary, sources, failures, and trend endpoints
  • • Storage: ClickHouse runtime analytics backend
  • • Runtime: Docker Compose stack for local and ops-friendly deployment

Operational Focus

  • • Start broad with cross-domain health and anomaly visibility
  • • Drill into one domain for source and alignment diagnostics
  • • Track ingestion runs and report freshness in real time
  • • Keep policy rollout and exception handling grounded in current risk

Project Status

Active & Open Source

DMARC-hark is actively developed as an operator-focused monitoring platform for DMARC analysis, with practical workflows for triage, remediation, and ingest reliability.

View Source Code