Your ‘From’ domain
Do DMARC Reports Contain Sensitive Data?
DMARC reports come in two kinds: aggregate reports (RUA) and forensic reports (RUF). Aggregate reports collect all the authentication-related data about your emails, compiles in an XML file, and arrive in your inbox.
RUF reports are generated each time an email fails SPF, DKIM or DMARC. Because they’re created on a per-email basis, they may potentially contain some personal information from the email. These include:
RUF data rarely contain the contents of your email, but even the items listed above could be considered sensitive.
That’s Why We Offer Forensics Encryption
PowerDMARC lets you encrypt all your DMARC Forensic RUF reports as they’re generated. To make it even more secure, you can generate your own key-value pair to encrypt your RUF data. We have zero access to your encryption key.
PowerDMARC helps you comply with industry regulations and standards like PCI-DSS, GDPR, ISO 27001, California Consumer Privacy Act (CCPA).