PowerDMARC

Understanding DMARC Reports: DMARC Aggregate and Failure Reports Explained

rua ruf blog

rua ruf blog

DMARC (Domain-based Message Authentication Reporting and Conformance) is an email authentication standard that provides domain owners with a way for generating reports about emails sent from one domain to another. DMARC provides reporting capability, in the form of DMARC reports, which lets receiving email servers provide back data to the sending domain about incoming emails, such as the volume of both legitimate and fraudulent messages. This helps domain owners respond to email deliverability issues and domain spoofing incidents at a faster pace.

DMARC reports are of two primary types:

In this blog we would be breaking down each of these DMARC reports and explaining what kind of information they provide us.

How Do DMARC Aggregate Reports Help You?

DMARC aggregate (RUA) reports help you keep track of the delivery status of all emails received from your domain. They’re sent in XML format daily and offer several points of information regarding the status of emails sent from your domain. DMARC aggregate reports are sent to your designated email address, providing a useful general analysis of emails sent from your domain. They come in handy when you want to see how well your emails are performing in terms of deliverability and which IP address(es) are failing DMARC authentication. From these Reports, you can easily view:

DMARC aggregate reports help you track policy in effect, and avoid any inbox disruptions that could adversely affect your subscribers, pulling all of your email activity together with a snapshot of emails failing authentication on your receiver’s side. It helps you track DMARC breaks and understand where you need to improve. Aggregate report data can be used to find out who has been spoofing your domain. You will be able to see which sending source is spoofing and the IP address behind it is trying to impersonate your domain over and over again and you can take action against these entities.

How Do DMARC Forensic Reports Help You?

A DMARC forensic report of any incident is an in-depth look at the details that led up to a phishing or spoofing attack, including all email exchanges and headers. DMARC uses the term “pass” to describe an email that has been received as normal. If your company sends emails and they are not considered “passes” according to the DMARC policy, your server will generate a forensic report. Analysis of a DMARC failure report can provide forensic insights into the deliverability of a message and how it is perceived in an email server’s spam/junk folder.

Although in comparison to DMARC Aggregate Reports, forensic reports are not as widely implemented by mailbox providers, however, they can prove to be a useful way to get detailed information about how and why emails fail DMARC. They can also help with troubleshooting various senders’ email delivery issues providing domain owners with the most granular analysis, detailing precisely how many emails were stopped before they reached the inbox, and why.

How are PowerDMARC’s RUA and RUF Reporting Mechanisms Different?

PowerDMARC makes DMARC reporting easier for you. Aggregate reports are generated in XML format that can be quite difficult to read. We simplify them for you, by converting them into charts and tables for ease of understanding. Furthermore, DMARC reports on the PowerDMARC platform are available in 7 different viewing formats that help you sort out reports by sending sources, organizations, hostnames, geolocations and much more!

As explained above, DMARC forensic reports can be extremely detailed and may contain email content. This is why we help you encrypt them with a private key that only you have access to.

Sign up with PowerDMARC today to configure your DMARC XML reader and take advantage of the various benefits of DMARC reports, starting today! Understand your DMARC reports easily.

Exit mobile version