Deploy the dmarco Outlook Add-in

The dmarco Outlook Add-in lets your users analyze any suspicious email with a single click. No forwarding, no copy-paste — just click Analyze in the Outlook ribbon and the analysis report arrives in their inbox.

Prerequisites

• Microsoft 365 subscription with Exchange Online
• Global Administrator, Exchange Administrator, or Azure Application Administrator role
• A dmarco organization on the Starter+ tier or higher (the add-in auto-discovers your analyze address)
• At least one domain registered in dmarco that matches your users' email addresses

Step 1: Download the manifest

Download the add-in manifest from:

https://app.dmarco.email/outlook-addin/manifest.xml

Right-click the link and choose "Save as" — the file should save as manifest.xml.

Step 2: Upload to M365 Admin Center

1. Go to admin.microsoft.com and sign in as an admin
2. Navigate to Settings → Integrated apps
3. Click Upload custom apps
4. Choose Upload manifest file (.xml) from device
5. Select the manifest.xml file you downloaded
6. Click Next

Step 3: Assign users

Choose who gets the add-in:

• Entire organization — all users in your tenant
• Specific users or groups — select from Azure AD groups (recommended for pilots)

Step 4: Review permissions and accept

The add-in requests two Microsoft Graph permissions:

• Mail.Read — to read the MIME content of emails the user selects for analysis
• Mail.Send — to send the email to the analyze address on the user's behalf

Review and accept. This grants admin consent for your entire tenant — your users will not see individual consent prompts.

Step 5: Wait for propagation

The add-in typically appears in users' Outlook within a few minutes, though Microsoft allows up to 24 hours. Users may need to restart Outlook desktop to see the button.

End-user experience

1. User opens a suspicious email in Outlook
2. Clicks the Analyze button in the ribbon
3. First time only: brief auth dialog (one click, uses their existing M365 session)
4. Analysis report arrives in their inbox within seconds

The report includes a plain-language recommendation (Legitimate / Review carefully / Suspicious / Likely spoofed) alongside the technical DMARC/SPF/DKIM details.

Updating the add-in

When a new version of the manifest is released:

1. Download the new manifest from https://app.dmarco.email/outlook-addin/manifest.xml
2. In M365 Admin Center, go to Settings → Integrated apps
3. Find dmarco Analyze in the list and click it
4. Choose Update and upload the new manifest

Code-level changes (UI fixes, new checks) update automatically without requiring a manifest re-upload. Only changes to buttons, permissions, or URLs require re-upload.

Troubleshooting

The Analyze button is not showing in Outlook

• Verify the add-in is deployed in M365 Admin Center (Settings → Integrated apps)
• Verify the user is in the assigned group
• Have the user restart Outlook desktop or refresh Outlook Web
• Wait up to 24 hours for full propagation

"Setup cancelled" notification on click

The add-in could not auto-discover the organization's analyze address. Check:

• The user's email domain is registered as a domain in your dmarco organization
• Your dmarco organization is on the Starter+ tier or higher (the analyzer is a paid feature)
• The dmarco API is reachable from the user's network

Authentication errors

If users see authentication errors:

• Verify admin consent was granted during deployment (API Permissions in the add-in listing)
• Have the user sign out of Outlook and sign back in

Analysis report not arriving

If the user reports clicking Analyze but not receiving the report:

• Check the user's junk/spam folder — first-time replies sometimes land there until the sender is trusted
• Check the dmarco dashboard for the analysis log under the Senders or Reports section