DMARC Report – Efficient Control And Authentication Of The Email Traffic On Your Domain

DMARC is the technical standard that ensures protection for email communication from online threats.

DMARC defines the email authentication practices of an organization’s policies and instructs the receiving email servers on enforcing them. Some users confuse DMARC with being a mail authentication protocol, while it only supplements mail authentication by building on SPF and DKIM, the critical authentication standards.


DMARC Monitoring

Functions of DMARC Reports

DMARC reports help in systematic and efficient email authentication. They enable domain owners to perform the following functions:

  • Publish email authentication practices
  • State the course of action for the emails failing authentication checks
  • Report the action on such emails


What Is The Online DMARC Report?

As per the DMARC validation process, the inbound mail servers generate two types of online DMARC reports. They are

Aggregate Reports

They are XML documents that show statistical data of incoming messages to the server that claim to be from a specific domain. They are designed to be easy for machines to read.

Forensic Reports

They are individual copies of emails that fail authentication. They are enclosed as a complete email message in a unique DMARC report format called AFRF (Authentication Failure Reporting Format). Forensic reports help in troubleshooting the domain authentication and identifying malicious websites.


Aggregate DMARC Report Format In Brief

The aggregate DMARC report is a summarized report providing a lot of useful information. It comes in a specific format and includes the following information:

ISP information

  • The name of the Mailbox provider
  • The Mailbox provider’s email address and contact information
  • The report ID number
  • The range of the beginning and end dates

A detailed description of the DMARC record

  • The Header domain/ From domain
  • The alignment settings of DKIM and SPF
  • The domain policy
  • The subdomain policy
  • The percentage of messages that need a DMARC policy

Summary of authentication results

  • The IP identified as the source of either fraudulent or legitimate email
  • The count of IP addresses
  • The disposition of the message
  • The DKIM authentication results
  • The SPF authentication results


dmarc check


DMARC Reports Office 365

DMARC reporting for users of Office 365 is an easy and mostly automatic process. Here is how it reports inbound and outbound emails.

DMARC For Inbound Mail

In Office 365, the program automatically detects and marks the inbound emails’ malicious domains. It subsequently sends a detailed report to the user.

DMARC For Outbound Mail

Users that work on Office 365 with the original domain, i.e.,, do not need to configure DMARC for their organization. Office 365 generates the DKIM signature for the outgoing email automatically, as SPF is already set up in the Microsoft account.

However, an organization that either uses an on-premise exchange server or a custom domain, in addition to Office 365, has to set up DMARC manually for their outbound emails.


Google DMARC Report

Google usually sends DMARC reports to its users once a day. Organizations receive it on the email address specified in the DMARC record. If they turn on reports with DMARC record tags, each receiving email server from the domain will send a separate report.

Google DMARC report is sent in XML format, which includes its metadata. It essentially informs if the message from the organization’s domain passed DMARC. Other details in the DMARC report include

  • The total number of outbound messages from a single IP address
  • The DMARC, SPF, and DKIM authentication results for outbound and inbound messages
  • Action that the receiving server takes, such as accepting unauthenticated messages that passed ARC authentication


Why Choose A DMARC Report Analyzer Open Source

A DMARC report analyzer open source specializes in receiving, storing, and analyzing the reports. Since reading and interpreting the DMARC reports in their raw format can be cumbersome, organizations go for a third-party service. Here are other reasons why businesses need it.

  • An organization may receive multiple reports in a day based on the number of outgoing email servers, the number of emails, and the DMARC policy record’s reporting options.
  • Organizations might require a dedicated mailbox or group for receiving and storing the reports.
  • Open source services combine individual reports to make them readable.
  • They help in analyzing the aggregate DMARC reports. Users also get feedback on the effectiveness of the DMARC record.
  • Such services offer tools for managing and maintaining DMARC independently for their domains.

DMARC reports form a crucial component of the overall information security policy of an enterprise. They can review the information to ensure that only authorized servers send messages from their domain and pass the authentication checks. The DMARC reports also alert the administrators about potential spammers and help maintain network and system security.

Join the thousands of organizations that use DuoCircle

Find out how affordable it is for your organization today and be pleasantly surprised.

Interested in our Partner Program for MSPs and VARs? Visit Our MSP Partner Program.

Pin It on Pinterest