By Allan Richards, Global MSP Lead at EasyDMARC
Email is still one of the most important tools businesses use to communicate. From sending invoices and contracts to talking with customers and partners, almost everything depends on email. At the same time, email has also become the easiest way for attackers to target businesses, especially in Australia, where phishing and email impersonation attacks are increasing every year.
For Managed Service Providers, this creates both a risk and an opportunity.
DMARC, which stands for Domain-based Message Authentication, Reporting, and Conformance, is no longer optional. It is quickly becoming a basic requirement for protecting business email. For MSPs that offer it as a managed service, DMARC also opens the door to a reliable and scalable source of recurring revenue.
Email Impersonation: A Growing Threat Behind Every Inbox
The problem is that most Australian domains are still not properly protected. More than 75 percent lack DMARC enforcement, meaning their domains can still be used by attackers to send fake emails. Even among the domains that have added DMARC, many are only in monitoring mode. This only shows what is happening, but does not block or stop any malicious emails. As a result, these businesses are still exposed to spoofing, phishing, and email-based fraud.
Only a small percentage of .au domains are fully protected by DMARC policies that actively prevent the delivery of fake emails.
For MSPs, this is more than just a security gap. Every unprotected client is either a real risk waiting to turn into an incident, or an opportunity to provide a valuable managed service that improves security, protects the client’s brand, and creates steady recurring revenue.
What is DMARC-as-a-Service
DMARC is often treated as just another compliance task, but in reality, it plays a much bigger role in modern email security. When it is set up and managed properly, it helps protect a business from email spoofing, phishing, and brand abuse. The challenge is that DMARC is not a one-time setup. It needs regular checks, alignment across all email tools, and ongoing monitoring to keep working correctly. This is exactly where MSPs can add real value.
When offered as a managed service, DMARC becomes more than just a security control. It turns into a steady, recurring service that improves client protection while also supporting long-term revenue.
Most MSPs deliver DMARC-as-a-Service in a few simple ways:
One-time setup and configuration
MSPs can charge for setting up DMARC correctly by aligning SPF, DKIM, and DMARC across all systems that send email for the client, such as Microsoft 365, marketing tools, and billing platforms.
Ongoing monitoring and reporting
With a managed DMARC platform, MSPs can track authentication results, move clients toward stronger enforcement, and provide regular reports that show how well their email is protected.
Part of a wider security stack
DMARC fits naturally alongside email security, endpoint protection, and compliance services, making it easy to bundle into existing offerings.
For example, with EasyDMARC, MSPs typically pay around US$10 per domain each month, while many resell it for A$30 to A$50. This creates strong margins with minimal additional workload, making DMARC-as-a-Service a practical and profitable addition to any MSP’s service portfolio.
The Data-Led Sales Approach
Selling security is not easy, especially when the risks feel invisible to clients. Most businesses only take action when they can clearly see what is wrong. That is where real data makes all the difference.
With EasyDMARC’s Touchpoint, MSPs can quickly check any domain and see whether it is exposed to spoofing, misaligned email sources, or missing authentication. Instead of guessing, you get clear proof of what is happening behind the scenes.
This makes it much easier to start a meaningful conversation with a potential client. You can show them exactly how their domain is being used or misused and explain what that means for their business. When clients see the risk in black and white, the discussion shifts from selling a product to solving a real problem.
From there, it becomes much easier to introduce services like DMARC management, compliance support, brand protection, and other security offerings.
Avoiding Common DMARC Pitfalls
Many organizations think they are protected just because a DMARC record exists in their DNS. But in reality, that is often not enough. If the policy is set to p=none, it only monitors activity and does not block any fake or malicious emails. This means attackers can still spoof the domain and send phishing emails without being stopped.
Other common mistakes make the situation even worse. Some businesses set up DMARC once and then never move it to stronger policies like quarantine or reject, so it never provides real protection. Many also forget to include all the tools that send email on their behalf, such as Mailchimp, QuickBooks, or CRM systems, which causes legitimate emails to fail authentication. On top of that, the XML reports that show what is happening behind the scenes are often ignored because they are hard to read and understand.
Empowering Australian MSPs Through Partnership
EasyDMARC’s MSP program is designed for partners who want to grow their security business, not just add another tool to their stack. It gives MSPs everything they need to manage DMARC easily and turn it into a real service they can offer clients.
Here is what MSPs get:
- A single dashboard for all clients: You can manage every client’s domain from one place instead of jumping between tools or accounts. This makes it much easier to stay on top of multiple DMARC setups.
- 24/7 monitoring and alerts: If something breaks, a sender changes, or a domain falls out of alignment, you get notified right away so you can fix it before it becomes a problem.
- White-label reports: You can send DMARC reports to clients with your own branding, helping you clearly show the value of the service you are providing.
- Training through EasyDMARC Academy: Both your technical team and your sales team can learn how DMARC works, so everyone knows how to set it up, explain it, and sell it properly.
- Marketing and sales support: You get ready-to-use content like eBooks, domain scanners, and co-branded material that helps you generate leads and explain DMARC to clients.
On top of all this, every MSP also gets a dedicated growth manager who works with them to build a DMARC service that actually brings in revenue, not just another line item on the price list.
For more information on partnering with EasyDMARC and adding DMARC-as-a-Service to your portfolio, visit www.easydmarc.com.
We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.
You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us
