A DMARC aggregate report contains information about the authentication status of messages sent on behalf of a domain. It is an XML feedback report designed to provide visibility into emails that passed or failed SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).
The report provides domain owners with precise insight into:
The authentication results, and
The effect of the domain owner’s DMARC policy
The report contains the following:
The domain or organization that sent the report
The domain that you are receiving the report for and its current DMARC policy
Date
Sending IP address
Email count
The disposition of those emails ie. the policy that was applied to those emails by the receiver
The SPF identifier and result, if any
The DKIM identifier and result, if any
How do the recipients of my emails know where to send the aggregate reports to?
The recipients of your emails will look at the rua tag of your DMARC record and send the reports there.
For example: rua=mailto:[email protected]
You can also specify the aggregate reporting interval by using the “ri” tag in your DMARC record. By default, this is set to 86400 seconds, an equivalent of 24 hours.
For more information on the various DMARC tags and their meaning please click on the button below.
To find out what a Forensic Report is please click on the button below.
Learn more about our automated DMARC solution, OnDMARC
If you're interested in learning more about OnDMARC and how it can help your organization defend itself from phishing attacks, click the link below.