Phishing is a common term used to describe unsolicited email messages that are sent with the objective of stealing confidential information from the email receiver. By taking advantage of the lack of adequate security mechanisms in the core email protocols, phishers can impersonate email senders that are known and trusted to the email receiver, to make attacks even more effective. Domain-based Message Authentication, Reporting and Conformance (DMARC) is a new sender authentication technology that has emerged and proliferated in recent years to help combat email sender impersonation. In addition to authenticating email sender domains, DMARC standardizes the report exchange about authentication results between email providers, yielding unprecedented insights into email domain use and abuse. This Master thesis presents DMARC viewer, a fully functional open source DMARC report analysis software, which, in contrast to existing tools, provides complete report data sovereignty and a multitude of related DMARC learning aids to its users. An extensive set of user requirements for the software is assessed by studying the underlying technologies and, more importantly, by including relevant industry experts in the participatory development process. A broad review of suitable user study methods, the design and execution of field studies and evaluations of prototypes of incremental fidelity, as well as the interpretation of the collected data and their significance for the design of the target system and for usercentered software development in general constitute a secondary contribution of this work. An important insight from the user studies is that mail administrators will ultimately require more experience with DMARC to assess the full extent of its use and usefulness. The analysis of DMARC reports using the presented software aptly serves that purpose. This will be shown by the results from the corresponding user studies, coining the title of the thesis, “learning by viewing”.