DMARC monitoring for Australian organisations
The ASD Essential Eight requires email authentication controls including SPF, DKIM, and DMARC. SpoofSentry automates compliance monitoring and guides your organisation from policy none to full enforcement.
ASD Essential Eight email requirements
The Australian Signals Directorate Essential Eight Maturity Model requires organisations to implement SPF, DKIM, and DMARC as part of their baseline email security controls. At Maturity Level 2 and above, DMARC enforcement (p=quarantine or p=reject) is expected.
SpoofSentry monitors your compliance posture continuously, tracks policy progression, and generates evidence bundles that map directly to Essential Eight requirements — ready for your annual assessment.
SMB1001 compliance support
For small and medium businesses in Australia, the SMB1001 cyber security standard provides a practical framework. SpoofSentry's compliance evidence bundles include SMB1001-aligned reports covering email authentication, sender governance, and domain protection.
Use the built-in checklist to track your progress through SMB1001 requirements and generate evidence for auditors or insurers.
Guided enforcement for Australian domains
Australian domain adoption of DMARC has grown rapidly, but enforcement remains low. SpoofSentry's Enforcement Center shows readiness gates, impact simulation, and sender authorization workflows to safely move from p=none to p=reject.
See exactly which senders would be affected before you change policy. Approve changes through a structured workflow with audit trail.
Sender discovery and classification
Discover all services sending email on behalf of your domains — including third-party SaaS platforms, marketing tools, and transactional email providers. SpoofSentry auto-detects 26+ common email service providers and classifies senders by risk level.
AI-powered classification helps identify unknown senders and recommends appropriate SPF and DKIM configuration for each.
Australian use cases
SpoofSentry is used by Australian organisations across government, healthcare, financial services, and education to monitor DMARC posture and drive enforcement. Our compliance evidence bundles support ACSC assessments, insurance questionnaires, and supply chain due diligence.
For detailed information about our security controls and data handling, see the Trust Center.
Frequently asked questions
What does the ASD Essential Eight require for email?
The Essential Eight Maturity Model requires SPF, DKIM, and DMARC as baseline email-security controls, and at Maturity Level 2 and above it expects DMARC enforcement (p=quarantine or p=reject). SpoofSentry monitors that posture continuously and generates evidence mapped to those requirements.
Does SpoofSentry support SMB1001 for smaller Australian businesses?
Yes. Its compliance evidence bundles include SMB1001-aligned reports covering email authentication, sender governance, and domain protection, with a built-in checklist to track progress for auditors or insurers.
How does SpoofSentry help move Australian domains to enforcement?
The Enforcement Center provides readiness gates, impact simulation, and sender authorization workflows so you can move safely from p=none to p=reject, seeing exactly which senders would be affected before you change policy.
Can I produce evidence for ACSC assessments and insurance questionnaires?
Yes. SpoofSentry generates Essential Eight and SMB1001-aligned evidence bundles that support ACSC assessments, insurance questionnaires, and supply-chain due diligence. See the Trust Center for security and data-handling detail.