Different DMARC Report Formats For Complete Information Regarding Email Authentication
DMARC or ‘Domain-based Message Authentication, Reporting, and Conformance’ is a technical standard working as an email authentication protocol. It helps safeguard the email senders and recipients from social engineering attacks and provides reports in two different DMARC report formats based on the authentication status of the emails.
Table of Contents
How To Use DMARC Reports
The user only has to add a DMARC record to the organization’s DNS database. When the DNS record is published, the ISPs start sending various online DMARC reports, such as the Google DMARC reports or the kind of DMARC reports Office 365 sends. The report comes in flat XML text, which the user can analyze using any DMARC report analyzer open-source software.
DMARC Formats – Aggregate And Forensic
There are two fundamental types of DMARC report formats, viz., Aggregate, and Forensic. They provide different sets of valuable information, as discussed below.
Aggregate Report
It is an XML document with information regarding the authentication process of a message sent from a particular domain. This report helps the organization in verifying if the emails are authenticated against the standard policies and practices.
It provides the following crucial information with which the organization can quickly identify who is sending emails on its behalf and if the emails are authenticated. Its format includes the following details
- The domain using which the email is sent
- The IP address of the sender
- The number or volume of messages sent on a particular date
- The DKIM (Domain Keys Identified Mail) or SPF (Sender Policy Framework) details of the sending domain
- The authentication result based on DKIM and SPF
- The authentication result of DMARC
Forensic Report
An ISP generates a report in the Forensic DMARC report format when a message fails the DMARC authentication, and the DKIM or the SPF does not line up with the DMARC. It contains the following information
- Sample data of emails that point out the issues concerning a specific source or mail stream
- Message-level data
- ‘To’ and ‘From’ fields of the emails
- Sender’s IP address
- The body of the message
Final Words
When an organization has to send a large volume of commercial and transactional emails, it may implement a DMARC policy and ask its ISP to generate reports in both types of DMARC report formats. It will help the organization with efficient email authentication and in verifying whether a particular email is sent from its network or not.
Join the thousands of organizations that use DuoCircle
Find out how affordable it is for your organization today and be pleasantly surprised.
Interested in our Partner Program for MSPs and VARs? Visit Our MSP Partner Program.