DMARC Reports at Lightning Speed, Unmatched Clarity

DMARC Failure Forensic Reporting (RUF) magnifies your email channels to maximize intruder detection

What is DMARC Failure/Forensic Reports (RUF)?

DMARC Forensic Reporting, or RUF, is a feature similar to Aggregate reporting (RUA). RUF allows you to receive reports on the status of emails sent through your domain that fail DMARC, SPF or DKIM validation. These reports contain detailed diagnostic information that make it possible for you to identify the source of the problem and fix it.
Forensic reports differ from Aggregate reports in one key way: they’re generated every time an individual email fails DMARC authentication, and contain information specific to that single email. Aggregate reports, meanwhile, are an overview of all emails flowing through your channels and are sent only once a day. These don’t contain data of every individual email sent.
Forensic reports are generated and sent to whatever email is specified in the domain’s DMARC record. The data they provide can be extremely useful in not only identifying delivery issues in your domain, but they’re also an effective way to find out if someone’s trying to spoof your domain, since they provide the sender’s IP address as well.

Instant notifications of DMARC failure
As soon as an email fails DMARC, you receive an RUF report with information about it
Data on a per-email basis
Each RUF report contains data about a single email, letting you inspect it in more detail

Identify unauthorized IPs faster
When you have fewer but more detailed reports, finding an unauthorized IP among them is much easier
Discover earlier, fix earlier
Instant reports mean you’re alerted to an issue quicker, enabling you to resolve it sooner

Complex reports are converted presented through simplified views, so you’re not wasting any time with long, confusing reports

If you’re concerned about sensitive information in your email, we offer forensic report encryption, both automatically and on demand