DMARC Advisor is one of Europe’s early DMARC focused cybersecurity...
Read More
Email security has become one of the most important parts of modern cybersecurity. Phishing, spoofing, business email compromise, and domain abuse continue to be major threats for businesses of all sizes.
One company that has built its identity around solving this problem is DMARC Advisor, a Dutch cybersecurity company focused on helping organisations implement and manage email authentication standards such as DMARC, SPF, DKIM, and BIMI.
This post takes a closer look at the history of DMARC Advisor, why the company exists, and why its work matters in a world where email remains one of the most abused attack vectors.
What Is DMARC Advisor?
DMARC Advisor is a Netherlands based email security company that helps organisations protect their domains from spoofing, phishing, and email fraud.
The company focuses on open email authentication standards, especially:
- SPF – helps define which mail servers are allowed to send email for a domain.
- DKIM – uses cryptographic signatures to help prove an email has not been tampered with.
- DMARC – builds on SPF and DKIM by allowing domain owners to publish policies for how failed email authentication should be handled.
- BIMI – allows verified brand logos to appear in supported inboxes when the sender has strong authentication in place.
In simple terms, DMARC Advisor helps organisations answer a critical question:
Who is really allowed to send email on behalf of my domain?
That question matters because attackers often try to impersonate trusted brands, suppliers, executives, or internal departments. Without proper email authentication, it becomes much easier for malicious actors to abuse a domain’s reputation.
The Origins of DMARC Advisor
DMARC Advisor was founded in 2013 in Dordrecht, The Netherlands.
The company describes itself as the first European DMARC provider, and its origin story is closely tied to the early days of DMARC adoption.
DMARC itself was published as a specification in 2012 and later became formalised through IETF work, with the original RFC 7489 published in 2015 and newer DMARC RFCs appearing in 2026.
This means DMARC Advisor entered the market very early, at a time when DMARC was still relatively new and many organisations were only beginning to understand the importance of email authentication.
The company’s founder and CEO, Martijn Groeneweg, has long standing experience in the email and domain industry.
Before DMARC Advisor, he founded the Dutch email service provider Measuremail in 2000, which he later sold in 2020.
In 2013, he founded DMARC Advisor, building on years of experience in email deliverability, authentication, and domain protection.
Why DMARC Advisor Was Created
The problem DMARC Advisor was created to solve is simple to understand but difficult to manage in practice.
Most organisations send email from multiple sources. These can include:
- Microsoft 365 or Google Workspace.
- CRM systems.
- Marketing platforms.
- Ticketing systems.
- Finance systems.
- Third party suppliers.
- Payroll systems.
- Cloud applications.
- Legacy servers.
Over time, it becomes difficult to know which systems are legitimately sending email for the organisation.
That creates risk.
If an attacker can send email that appears to come from a trusted domain, they can use that trust to launch phishing campaigns, invoice fraud, credential harvesting attacks, or business email compromise attempts.
DMARC helps reduce that risk, but implementing DMARC properly can be challenging.
The reports are technical, the records must be carefully configured, and a mistake can accidentally block legitimate email.
DMARC Advisor was built to make that process easier, safer, and more manageable.
From DMARC Reporting to Domain Protection
In its early form, a DMARC platform mainly helped organisations collect and interpret DMARC reports.
These reports are usually sent in XML format by mail receivers and contain information about which systems are sending email for a domain.
For most IT teams, reading raw DMARC XML reports manually is not realistic.
A platform like DMARC Advisor converts that data into something usable. It helps organisations identify legitimate senders, detect suspicious sources, and gradually move from a monitoring policy to a stronger enforcement policy.
Over time, DMARC Advisor’s offering has expanded beyond basic DMARC reporting. Today, its services include areas such as:
- DMARC reporting.
- DMARC management.
- SPF management.
- SPF flattening.
- Hosted BIMI services.
- Professional services.
- Free tools for checking DMARC, SPF, DKIM, BIMI, and phishing related configuration.
That evolution is important because email authentication is not a one time task. It is an ongoing operational process.
Domains change. Vendors change. Marketing platforms change. Cloud services change.
Without continuous monitoring, email authentication can drift out of alignment.
Why DMARC Matters for Cybersecurity
Email remains one of the most common ways attackers target organizations. Even with strong endpoint protection, firewalls, DNS filtering, and user awareness training, phishing still gets through.
DMARC does not stop every phishing attack, but it helps reduce one very specific and dangerous problem:
unauthorized use of your own domain.
When implemented properly, DMARC can help prevent attackers from sending spoofed emails that appear to come directly from your organization’s domain.
This is especially important for:
- Finance teams.
- HR departments.
- Executive communications.
- Customer support teams.
- Public sector organizations.
- Managed service providers
- Businesses with strong brand trust.
- Organisations handling sensitive data
A strong email security strategy should not rely on one control.
DMARC should sit alongside other protections such as secure DNS filtering, phishing awareness, endpoint protection, identity protection, and proper incident response processes.
For a broader defensive approach, I have also covered related security topics such as advanced DNS privacy and parental controls on OPNsense and hidden threats in modern cybersecurity.
A European Focused Cybersecurity Provider
One of the mor interesting parts of DMARC Advisor’s positioning is its European focus.
The company states that its team operates from Europe and that customer data is stored and hosted within Europe. This is particularly relevant for organizations that care about GDPR, data sovereignty, and European regulatory expectations.
DMARC Advisor has also announced that it has received the Cybersecurity Made in Europe label. This label is intended to highlight European cybersecurity companies that meet specific criteria around European based operations, trust, and digital sovereignty.
For organisations in Europe, this positioning may matter.
Choosing a cybersecurity vendor is not only about features. It is also about:
- Where data is stored.
- Who has access to that data.
- Which legal framework applies.
- How transparent the provider is.
- Whether the provider understands European compliance expectations.
This is where DMARC Advisor appears to be trying to differentiate itself from global competitors.
DMARC Advisor and the Wider DMARC Ecosystem
DMARC Advisor is part of a wider ecosystem of companies trying to improve email trust.
The need for these platforms exists because DMARC itself is not always simple to deploy. Many organisations start with a monitoring policy such as:
p=none
This allows them to collect reports without affecting mail delivery.
From there, they need to identify legitimate senders, fix SPF and DKIM alignment problems, and gradually move toward stronger policies such as:
p=quarantine
or eventually:
p=reject
The journey can take time, especially for larger organisations with many mail sources.
This is where DMARC platforms provide value. They help reduce complexity, give visibility into sender behaviour, and make it safer to move toward enforcement.
Why This Company Is Worth Watching
DMARC Advisor is worth watching because it sits at the intersection of several important cybersecurity trends:
- Phishing protection.
- Domain protection.
- Email authentication.
- Compliance.
- Brand protection.
- European data sovereignty,
- Open internet standards.
As phishing continues to evolve, organizations will need stronger controls around domain abuse. Attackers know that users are more likely to trust emails that appear to come from a familiar domain.
That makes domain protection a business risk issue, not just an IT configuration task.
DMARC Advisor has built its business around helping organisations close that gap.
Future Platform Review
This post is an introduction to the company and its history.
In a future post, I will take a closer look at the DMARC Advisor platform itself. That review will focus on how the platform works, what the dashboard offers, how easy it is to manage DMARC records, and whether the product is suitable for small businesses, IT teams, MSPs, and larger organisations.
The key areas I plan to look at include:
- Ease of onboarding.
- Domain setup.
- DMARC report visibility.
- SPF and DKIM guidance.
- Alerting and reporting.
- Usability for IT administrators.
- Value for organisations trying to move toward enforcement.
That future review will be more hands on and practical.
Final Thoughts
DMARC Advisor is an interesting example of a specialist cybersecurity company that focused early on a problem many organisations still struggle with today: email authentication.
Founded in 2013 in the Netherlands, the company positioned itself around DMARC before many organisations had even started thinking seriously about the standard. Since then, it has grown into a broader email authentication and domain protection provider with a strong European identity.
For organisations trying to reduce phishing risk, protect their brand, and improve trust in their email infrastructure, DMARC is no longer optional. It is becoming a core part of responsible domain management.
DMARC Advisor’s role is to make that journey easier, more visible, and less risky.
Call to Action
If your organisation has not reviewed its DMARC, SPF, and DKIM configuration recently, now is a good time to start.
Check which services are sending email on behalf of your domain, confirm whether they are properly authenticated, and begin working toward a stronger DMARC policy.
Email security is not just about blocking threats after they arrive. It is also about making sure attackers cannot easily abuse your domain in the first place.
Leave your thoughts and comments down below, and remember that The Singularity is always watching.
Source:
- DMARC Advisor – About Us
- DMARC Advisor – Contact Details
- DMARC Advisor – Cybersecurity Made in Europe Announcement
- DMARC.org – History of DMARC
- IETF Datatracker – DMARC Working Group
- IETF RFC 7489 – Domain-based Message Authentication, Reporting, and Conformance
- Certified Senders Alliance – Martijn Groeneweg Speaker Profile
Microsoft Intune Explained: User vs Device Configuration Profiles
Microsoft Intune is not just “Group Policy in the cloud.”...
Read More
Chrome Vulnerability CVE-2026-7897 Explained: Why This Critical Use After Free Bug Matters
Chrome vulnerability CVE-2026-7897 is a critical use after free issue...
Read More
csc.exe Living Off The Land Attack: When A Trusted Windows Compiler Becomes A Threat
csc.exe is not malware. It is the legitimate Microsoft C#...
Read More
Leave a Reply