Valimail's DMARC compliance edge
Valimail
This was a rules change story more than a feature story. Valimail launched into a market where email authentication had already become visible to end users, then benefited again when Gmail and Yahoo turned good authentication from a nice to have into a delivery requirement for bulk senders in 2024. That matters because DMARC is hard to set up manually when one company sends mail from Microsoft 365, Salesforce, Zendesk, Mailchimp, and other tools at once.
-
Google had already started surfacing suspicious identity signals in Gmail by 2016, including replacing a sender avatar with a question mark for unauthenticated mail. That turned email authentication into a visible brand and trust issue, not just a back end IT setting.
-
The hard part of DMARC is not adding one DNS record. It is finding every service that sends as a company domain, setting up SPF and DKIM correctly for each one, and keeping that map current as new tools get added. Microsoft described this workflow as manual and complex, which is exactly the pain Valimail automates.
-
That urgency translated into adoption. Valimail grew from about 5,000 accounts in 2020 to 65,000 in 2024, and reached an estimated $30M ARR in 2024, up 43% YoY, while larger suites like Proofpoint and Mimecast sold broader email security bundles at much higher revenue per customer.
The next phase is less about convincing companies that DMARC matters, and more about owning the operational layer for sender compliance across Google, Yahoo, Microsoft, and Apple. As mailbox providers keep tightening enforcement, the winner is the vendor that makes staying authenticated feel automatic instead of like ongoing DNS maintenance.