All Collections
Using the OnDMARC App
Reports
IP Reputation Scores
IP Reputation Scores

Using OnDMARC's IP reputation scores to quickly identify threats

Nadim Lahoud avatar
Written by Nadim Lahoud
Updated over a week ago

For Professional and Enterprise plans OnDMARC now gives a reputation score for every IP attempting to send mail on behalf of your domain.

This means you can quickly tell where the threats are coming from and even drill down to the type of threats associated with a given IP.

The traffic light scoring system can be seen in the Sender's list in the Reports section.

Senders using multiple IP's are given a score of green (none of the senders IP's was found to be a threat), amber (less than 10% of the senders IP's were suspicious), or red (more than 10% of IP's were suspicious). Some examples are shown below.

You can drill down to the IP level to see what we found and which country the IP originates from. For example, the IP could be involved in sending low reputation email, be from an IP range not typically associated with sending mail (so a botnet of some kind), or be a known spam sender. An example is shown below.

You can sort senders by reputation to quickly focus your time on checking and configuring legitimate, good reputation senders and avoid wasting time on senders and IP's that are clearly malicious.

Did this answer your question?