Analyzing your Domain Report

This section explains how you should read the DMARC Analyzer Domain Report, the main report of our service.

First, you should filter based on the domain you’d like to review.

After filtering, you might see the results grouped like in the image below:

dmarcresults (1)

 

Title Description
Green authentication results:
DMARC compatible – fully aligned These messages were DMARC compliant and thus had a valid (and aligned) DKIM signature and they were sent by an IP address which was authorized through SPF.
DMARC compatible – DKIM aligned These messages were DMARC compliant because they had a valid (and aligned) DKIM signature. SPF did not pass for these messages
DMARC compatible – SPF aligned These messages were sent by an IP address which was authorized through SPF. The messages did not have a valid (and aligned) DKIM signature.
Blue authentication results:
DKIM validated, but not aligned, SPF failed These messages have a valid DKIM signature, but this signature was not aligned with the domain.
(The signature was created using another domain than the domain in the “From:” header of the email)
SPF validated, but not aligned, DKIM failed These messages were sent by an IP address which was authorized through SPF. The domain validated was not aligned with the domain in the From header of the email. The DKIM signature for this email was missing or failed.
Red authentication results:
DKIM/SPF failed Both DKIM and SPF failed for these messages. This is the first group to have a look at while analyzing the DMARC data.
Postfixes
– Forwarded The messages were forwarded by another mail account. Some users set up an account to automatically forward the e-mail to another account. This can cause headers to be changed as the forwarder becomes the “new sender” of the message.
– Mailinglist operator The messages were sent by a mailing list operator. This can be marketing newsletters or other e-mails from a mailinglist (possibly sent by a third-party).
– Trusted forwarder The sender of the DMARC report has marked the IP address which forwarded a message as a “trusted forwarder”. The ISPs have their own rules for this.