After you have added a DMARC record to your DNS, you’ll start receiving data pertaining to your email deliverability, domain usage, and domain security. Wondering what to do with it? Well, we’ll tell you just that! But first, you need to understand what a DMARC report is.
What is a DMARC report?
DMARC reports are authentication results from your domain. It acts as a feedback mechanism that helps the domain owner track email security and deliverability issues. The report also intimates the domain owner of malicious sources and protocol errors.
DMARC reports are a goldmine of valuable information. This data can be used to strengthen a domain and take action against malicious sources while minimizing errors and deliverability issues. However, DMARC reports can be confusing to the average user due to their highly technical nature.
The reports are of two types: DMARC Aggregate (RUA) Reports and DMARC Forensic (RUF) Reports. They are sent in XML format to the domain owner’s email address periodically.
Let’s look at an example of a DMARC sample report and try to understand the different aspects it consists of.
ISP/ Email Service Provider
<?xml version=”1.0″ encoding=”UTF-8″ ?>
google.com
noreply-dmarc-support@google.com
http://google.com/dmarc/supp
Report ID
8293631894893125362
Date Range
1234573120
1234453590
DMARC record
yourdomain.com
r
r
none
none
100
IP Address
302.0.214.308
Authentication Overview
none
fail
pass
From:Domain
yourdomain.com
DKIM authentication report
yourdomain.com
fail
SPF authentication report
yourdomain.com
pass
Here are a few things that you should do after you receive your DMARC report:
Monitor your sending sources
DMARC reports will present a list of all the domains and IP addresses you use to send emails. It gives you insight into your various devices and lets you know if an unauthorized IP is trying to send an email to a recipient on your behalf.
Check Email Authentication
DMARC reports will show you if your mail sender fails SPF, DKIM, or DMARC authentication standards.
Regulate the usage of your Domain
DMARC reports help you determine if there are any unauthorized senders using your domain to send emails to unsuspecting recipients.
Regularly analyzing your DMARC reports helps you strengthen your domain and improve its security rating. In addition, your brand reputation among your customers increases when your mailing systems are more secure and safer than others.
Original Source: https://www.ebaumsworld.com/blogs/things-to-do-after-collecting-your-first-dmarc-data/86978498/
Top comments (1)
Studying raw dmarc aggregate reports can be overwhelming. Incase it helps,
Here is an open source DMARC visualizer here: github.com/evermight/elk-dmarc . It only requires Docker, nothing else.
The author made a 6 minute video to demonstrate installation and usage: youtube.com/watch?v=XLTaKeJhI7c . I was pretty much up and running in 5 minutes following the video.
Hope that helps someone