DMARC Failure Reports

DMARC Failure (Forensic) Reports

Tired of flat hard-to-understand XML format reports? EasyDMARC renders DMARC Failure Reports’ data into human-readable and easy-to-understand reports. Quickly discover the domain users when an authentication failure occurs. Gain full visibility into your outgoing email ecosystem and identify fraudulent emails sent from your domain.
Failure Report

What is a DMARC Failure (Forensic) Report

DMARC Failure Report, formerly known as DMARC Forensic Report, is another type of report, that the DMARC protocol enables you to receive. DMARC Failure (Forensic) Reports are much more detailed than DMARC Aggregate reports, as they show a sample of an email message that failed SPF, DKIM, or DMARC tests. Failure (Forensic) Reports contain all the information about individual email messages, including Sending source IP, From & recipient email addresses, email subject line, SPF and DKIM authentication results, Received time, and Email Header.

How To Receive a DMARC Failure (Forensic) Report

To receive a Failure Report, one must set an email address in "ruf" field, as it's done for "rua" field. They are normally generated and sent almost immediately after the Mail Receiver detects a DMARC failure.
Whether the failure is due to an infrastructure problem or the message is inauthentic, Failure Reports also provide more information about the failed message than is available in an Aggregate Report. Implementing Failure (Forensic) Reports will improve your email delivery by providing valuable insight about potential DMARC issues.