Project Overview
DMARC-hark helps email and operations teams find DMARC risk quickly, investigate one domain deeply, and keep report ingestion running smoothly. It is built for day-to-day monitoring and incident response: fast overview first, then clear drill-down when something looks wrong.
Core Highlights
- Fleet-level DMARC risk overview across all monitored domains
- Single-domain investigation with pass/fail, sources, and failure trends
- Practical guidance to prioritize risky sources and remediation
- Live ingest status and run history for mailbox processing visibility
- Docker Compose stack for quick setup and reproducible operations
Technical Stack
Project Status
Workspace Preview

Why Teams Use It
Fast
ClickHouse-backed analytics keep dashboards responsive, even when domain data grows.
Practical
Designed for daily operator workflows instead of vanity metrics and generic charts.
Actionable
Surfaces risky sources, explains why they matter, and points to clear next investigations.
Quick Start (Docker Compose)
# Windows PowerShell
Copy-Item docker.env.example docker.env
# Edit docker.env and set at least:
# IMAP_HOST
# IMAP_USER
# IMAP_PASS
docker compose --env-file docker.env up --build -d
# Dashboard: http://localhost:18080
# API: http://localhost:15000Key API Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /overview | Fleet-level risk overview across domains |
| GET | /domain/<domain>/summary | Pass/fail, alignment, and policy coverage |
| GET | /domain/<domain>/sources | Sending sources with per-source stats |
| GET | /domain/<domain>/failures | Failure records, newest first |
| GET | /domain/<domain>/trend | Daily fail/total trend for charting |
| GET | /ingest/status | Current ingest state and recent run history |
Technical Notes
Architecture
- • Frontend: Svelte interface for fleet and domain workflows
- • Backend: Python API for summary, sources, failures, and trend endpoints
- • Storage: ClickHouse runtime analytics backend
- • Runtime: Docker Compose stack for local and ops-friendly deployment
Operational Focus
- • Start broad with cross-domain health and anomaly visibility
- • Drill into one domain for source and alignment diagnostics
- • Track ingestion runs and report freshness in real time
- • Keep policy rollout and exception handling grounded in current risk
Project Status
DMARC-hark is actively developed as an operator-focused monitoring platform for DMARC analysis, with practical workflows for triage, remediation, and ingest reliability.
View Source Code