Services · Buy today

Your email should arrive — and no one should be able to forge it

Does your email land in spam? Or is someone sending fake invoices “from” your domain? SPF, DKIM and DMARC solve both. We set everything up correctly, tighten gradually over 4–8 weeks and document the result. Google and Microsoft already require this of senders.

Buy today

Price

NOK 4,900–9,900

excl. VAT · optional monitoring + NOK 290/mo

All prices excl. VAT.


What’s included

  • Mapping of every system that sends email for your domain
  • SPF and DKIM correctly configured for every sender
  • DMARC with gradual tightening: none → quarantine → reject
  • Analysis of DMARC reports throughout the period
  • A final report documenting the status
  • Optional ongoing monitoring for NOK 290/mo

How we work

  1. 01

    Mapping

    We find every sender: Microsoft 365, accounting software, newsletters, CRM. Most businesses have more than they think.

  2. 02

    Setup

    SPF and DKIM are configured correctly for each sender. DMARC starts in monitoring mode, so nothing legitimate gets blocked.

  3. 03

    Tightening

    Over 4–8 weeks we analyze the reports and tighten the policy — all the way to reject, where forged email is refused.

  4. 04

    Final report

    You get the status and the work documented. Want ongoing monitoring? That’s NOK 290/mo.


A fit for you if

  • see your email to customers landing in spam
  • want to shut the door on fake invoices sent in your company’s name
  • send from several systems and have lost track
  • want to meet the requirements Google and Microsoft now place on senders

Common questions

What does DMARC setup cost?

NOK 4,900–9,900 excl. VAT, depending on how many systems send email for your domain. Ongoing monitoring afterwards is optional at NOK 290/mo.

How long does it take?

The work itself is a few hours, but the process runs over 4–8 weeks. DMARC should be tightened gradually — that’s how it’s done right.

Why can’t you just switch on reject right away?

Because you’d risk blocking your own legitimate email — invoices, quotes, newsletters. We start in monitoring mode, see who actually sends for you, and tighten once everything legitimate is approved.

We use Microsoft 365 — isn’t this already handled?

Partly. Microsoft 365 handles its own sending, but most businesses also send from accounting software, newsletter tools and a CRM. Without one coordinated setup, your domain is still open to spoofing.

What is DMARC, in short?

A rule on your domain that tells receivers what to do with email that claims to come from you but can’t prove it: let it through, quarantine it or reject it. With reject in place, your domain is effectively closed to spoofing.

Do we need monitoring afterwards?

Not necessarily. If you adopt new systems that send email, the setup needs updating — monitoring catches that automatically. The alternative is remembering it yourself.



Get your email delivered — safely