All Collections
Learn about DMARC
What is a DMARC Aggregate Report?
What is a DMARC Aggregate Report?

An Aggregate Report offers valuable insight into your email authentication. It is one of two types of reports that DMARC provides.

Ivan Kovachev avatar
Written by Ivan Kovachev
Updated over a week ago

A DMARC aggregate report contains information about the authentication status of messages sent on behalf of a domain. It is an XML feedback report designed to provide visibility into emails that passed or failed SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).

The report provides domain owners with precise insight into:

  • The authentication results, and

  • The effect of the domain owner’s DMARC policy

The report contains the following:

  • The domain or organization that sent the report

  • The domain that you are receiving the report for and its current DMARC policy

  • Date

  • Sending IP address

  • Email count

  • The disposition of those emails ie. the policy that was applied to those emails by the receiver

  • The SPF identifier and result, if any

  • The DKIM identifier and result, if any

How do the recipients of my emails know where to send the aggregate reports to?

The recipients of your emails will look at the rua tag of your DMARC record and send the reports there. 

For example: rua=mailto:[email protected] 

You can also specify the aggregate reporting interval by using the “ri” tag in your DMARC record. By default, this is set to 86400 seconds, an equivalent of 24 hours.

For more information on the various DMARC tags and their meaning please click on the button below. 

To find out what a Forensic Report is please click on the button below.

Learn more about our automated DMARC solution, OnDMARC

If you're interested in learning more about OnDMARC and how it can help your organization defend itself from phishing attacks, click the link below.

Did this answer your question?