SPF drift — new sender 185.99.143.12
Product · Alert Engine
When something breaks, you know before your customer does.
Slack, Teams, webhook, PagerDuty. Anomaly detection, MSP routing per sub-org. Configurable in two clicks, no YAML.
Alert stream · last 7 days
3 unread, 2 of them critical.
MTA-STS cert expires in 6 days
Spoofing spike — 142 fails from 195.211.197.40
How it works
Connect, define, test
Connect a channel
OAuth flow for Slack/Teams in 30 seconds. PagerDuty via routing key. Webhooks via URL.
Define rules
By click: which events (DMARC drop, SPF PermError, cert expiry), which severity, which channel.
Send a test alert
Fire a test alert into the channel before going live. Verify the configuration, then enable.
Features
What a grown-up alert engine has to do
Webhook payload
Structured JSON for your own tools
Generic webhook for in-house tools
Mailantis webhooks are HMAC-signed (SHA-256) and retried on failure (3 attempts with exponential backoff). The payload format is versioned and kept stable through the "version" field.
Each event has a unique event_id for idempotency, a severity value, and context-specific fields in the data block.
POST https://your-tool.example.com/webhook
{
  "version": "1",
  "event_id": "evt_01HVZX...",
  "event": "dmarc.policy.changed",
  "severity": "info",
  "domain": "example.com",
  "ts": "2026-05-08T12:34:56Z",
  "data": {
    "from": "p=quarantine; pct=50",
    "to": "p=quarantine; pct=75"
  }
}
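A receiver-side sketch for this payload, added here as an example and not taken from Mailantis code: it checks the HMAC-SHA256 signature over the raw body, rejects unknown "version" values, and uses event_id to drop retried deliveries. The signature encoding (hex digest of the raw body), the way the signature reaches the handler, the secret and the sample event_id are assumptions; the page does not specify them.

```python
import hashlib
import hmac
import json

# Assumptions (not stated on the page): the signature is the hex HMAC-SHA256 of
# the raw request body under a shared secret, passed to the handler as a string.
SECRET = b"constructed-demo-secret"
SUPPORTED_VERSIONS = {"1"}
_seen_event_ids = set()  # in production: a persistent store with a TTL

# Constructed sample delivery, modelled on the payload shown above.
SAMPLE_BODY = json.dumps({
    "version": "1",
    "event_id": "evt_CONSTRUCTED_0001",
    "event": "dmarc.policy.changed",
    "severity": "info",
    "domain": "example.com",
    "ts": "2026-05-08T12:34:56Z",
    "data": {"from": "p=quarantine; pct=50", "to": "p=quarantine; pct=75"},
}).encode()


def sign(body: bytes, secret: bytes = SECRET) -> str:
    """Hex HMAC-SHA256 over the exact bytes that go on the wire."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def handle_webhook(raw_body: bytes, signature_hex: str, secret: bytes = SECRET):
    """Return (http_status, outcome) for one delivery."""
    # 1. Authenticate the raw bytes before parsing; compare in constant time.
    expected = sign(raw_body, secret).encode()
    if not hmac.compare_digest(expected, (signature_hex or "").encode()):
        return 401, "bad-signature"
    # 2. Parse and validate only after the signature has been accepted.
    try:
        event = json.loads(raw_body)
        version, event_id = event["version"], event["event_id"]
        name, severity = event["event"], event["severity"]
    except (ValueError, KeyError, TypeError):
        return 400, "malformed"
    if version not in SUPPORTED_VERSIONS or not isinstance(event_id, str):
        return 400, "unsupported-version"
    # 3. Idempotency: a retried delivery carries the same event_id, so
    #    acknowledge it without processing it a second time.
    if event_id in _seen_event_ids:
        return 200, "duplicate"
    _seen_event_ids.add(event_id)
    return 200, f"processed:{name}:{severity}"
```

Verify against the bytes as received, not a re-serialized copy of the parsed JSON, since key order and whitespace change the digest.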
Pricing
Alert engine from Pro
Monitoring
Slack, Teams, Discord, webhook, email. Anomaly detection with baseline per domain. Scales with domain count.
Enterprise & Partner
+ PagerDuty, Opsgenie, escalation levels. Multi-tenancy (MSP), white-label, custom SLA. Consolidated invoice.
FAQ
Common questions about the alert engine
Which channels are supported?
Native integrations for Slack, Microsoft Teams, Discord, PagerDuty and Opsgenie. Generic webhooks for your own tools (n8n, Zapier, in-house). Email alerts as standard in every plan.
Can I configure differently per domain?
Yes. Each domain has its own alert profile — for example, you can send production domains to PagerDuty and test domains only to Slack. Routing rules are based on domain, event type and severity.
How does anomaly detection work?
We build a baseline for each domain (average DMARC volume, sender distribution, failure rate). Statistically significant deviations — e.g. 10× more phishing attempts on a single day — are flagged as anomalies.
MSP routing — how does it work?
Per sub-organization you configure dedicated recipients (the customer's Slack channel, a separate email list). Mailantis automatically routes alerts to the right tenant — without giving customers access to other sub-orgs.