Is it possible to receive raw data?

DMARC Analyzer tool receives raw data that gets translated into the Aggregated and Forensic reports. We usually advise against receiving individual reports as you may receive lots of messages with unreadable raw data, at least daily. If you do want to receive the data, there is a way: Simply add an extra RUA or RUF …

Forensic reports from LinkedIn

During DMARC deployment projects, organizations often get forensic reports from LinkedIn. In this article we will explain why LinkedIn sends forensic reports and what this indicates. What are Forensic reports? If an organization places a DMARC record with a RUF tag, it will start receiving Forensic reports. Forensic reports are really valuable, because forensic reports …

How to setup PGP encryption for Forensic reports?

DMARC Analyzer doesn’t store the body of Forensic reports by default. It is possible privacy sensitive data is included in these emails. For analysis it will be harder as you don’t know which email causes your DMARC to fail. To fix this problem we introduced a new method to view the Forensic reports. When a …

Forensic DMARC reports explained

In order to receive DMARC forensic reports an organization needs to create a DMARC record and publish it into the DNS. After publishing a DMARC record, DMARC Analyzer will be able to receive DMARC forensic reports from all ISPs that support DMARC. These forensic reports contain crucial information to secure an organization’s domains. This article …

Forensic report overviews explained

Within the DMARC Analyzer Suite it is possible to view forensic reports. The forensic messages are grouped based on the subject of the detailed message. Expanding the overview shows detailed results from these messages, including the feedback- and email headers. Users are able to identify invalid email flows a lot faster by using the forensic …

Aggregate report overviews explained

Within the DMARC Analyzer Suite one can find the DMARC Aggregate Reports section in the left side bar. It is possible to group data from the DMARC aggregate reports in multiple overviews: the per sending source, the per result, the per organization and per host overviews. In this article we will explain how these overviews …

Aggregate DMARC reports explained

In order to receive DMARC aggregate reports an organization needs to create a DMARC record and publish it into the DNS. After publishing a DMARC record an organization be able to receive DMARC aggregate reports from all ISP’s that are supporting DMARC. These aggregate reports contain crucial information to secure an organization’s domains. This article …

Things to do after collecting your first DMARC data

You have implemented domains to your dashboard, added a DMARC record into your DNS and now receive data. What to do next? In this article we will tell you how you should analyze your data. After you took the first steps of deploying DMARC you will be generating data. You can now start analyzing the …

What is a DMARC report?

In this article we will cover what a DMARC report is. What a DMARC report look like, what you can do with it and how can you get them? Who sends DMARC reports? When you publish a DMARC record, a lot of ISP’s (i.e. Google, Microsoft, Yahoo, etc.) will send you DMARC reports. These reports …

What is forwarding within DMARC?

Forwarding is a bit of an edge case within DMARC. Forwarding happens when an email receiver forwards your email to another recipient. Log in on app.dmarcanalyzer.com and go to “DMARC aggregate reports” → “Per sending source” to see detailed statistics about your forwarded emails. There are two types of forwarding:   1. Manual forwarding Manual …

What does the SPF failure mean?

When aligning sources in DMARC Analyzer it’s possible that you will see several failures. But what do all these failures mean? Below we created a legenda with all possible failures. SPF SPF records can contain multiple ‘mechanisms’. These are parts of the SPF record while describe (a set of) valid sending IP addresses for this …

I’m missing forensic reports?!

Are you missing reports in the forensic section? This can have several causes. We try to explain possible causes of this here. Not all ISP’s send forensics Not all ISP’s send the forensic reports. This is mostly due to privacy considerations, but also due to performance related issues. Providing a copy of invalid messages to …

Can I add old reports?

Have you setup DMARC some time ago and would you like to add the old reports you may have already received to DMARC? You can do so by uploading them through the interface. Take a look at our uploader on the ‘DMARC aggregate reports’ > ‘Manual upload’ page. Drag the reports into the container (or …

Can I receive a copy of the DMARC reports?

You can achieve this in multiple ways, but it is surely possible! Add multiple emailaddresses to your DMARC record You can add more then 1 URI to your DMARC DNS record to receive the reports as well. An example of this can be: v=DMARC1; rua=mailto:[email protected],mailto:[email protected]; p=none; sp=none; fo=0; Caution: Using this setup it is important …