Have you published a DMARC (Domain-based Message Authentication Reporting and Conformance) record? If the answer is yes, then you receive DMARC reports that reveal crucial information about your email ecosystem—including authentication results, domain alignment, potential email threats, and more. But understanding these reports is not intuitive.
That’s why, in this two-part blog series, we break down how to read the two types of DMARC reports at your disposal: aggregate reports and forensic reports. We’ll start with aggregate reports.
What Are DMARC Aggregate Reports?
DMARC aggregate reports provide information about which emails are authenticating against SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) and DMARC, and which are not.
While aggregate reports do not provide much information about the email messages themselves, they can provide valuable visibility into the health of your email program by helping you identify potential authentication issues and/or malicious activity.
How to Request DMARC Aggregate Reports
To start collecting data on your email streams, publish a simple DMARC record in monitor mode (tag: p=’none’), with a request for aggregate reports (tag: rua=mailto:[email protected]). Need help to create a DMARC record? This post along with our DMARC Creation Wizard will help you build one.
Once your DMARC record is in place, participating mailbox providers will send daily aggregate reports to the destination you defined in the rua tag.
Below is an overview of what is—and what is not—included in these DMARC aggregate reports, along with real-world examples so you can become more familiar with the format.
What Is Included in the DMARC Aggregate Report
1. ISP information, including:
2. A line-by-line description of your DMARC record, including:
3. Summary of authentication results, including:
What is Not Included in the DMARC Aggregate Report
As you can see, the information not included in DMARC reports is just as, if not more, important than the data that is included. Data is just data until you can organize it in a way that provides value. Working with a partner like Return Path can deliver value with comprehensive and digestible insights into your sending domains’ policy readiness and performance.
In part 2, I’ll walk you through how to read your DMARC forensic reports. And contact us now if you want help making sense of your DMARC reports.