All Collections
Security
What data does OnDMARC process and store?
What data does OnDMARC process and store?

Information on aggregate and forensics reports, what data is contained in them and how we treat it.

Ivan Kovachev avatar
Written by Ivan Kovachev
Updated over a week ago

DMARC reports

The DMARC protocol creates a record with metadata about the validation status of each email it receives from each organisation. These records are then aggregated and sent as a file attachment to the OnDMARC email specified in the organisation’s DMARC record. 

Aggregated reports include metadata about each validated email, the only data stored on our systems is:

  • IP address of the senders of emails that use your domain, this can be authorised and unauthorised senders

  • Domain name related to each IP, when the IPs resolve to a domain name

  • Email count for each IP sender

  • Email validation information for each email: 

                 - SPF Pass or Fail

                 - DKIM Pass or Fail

                 - DMARC Pass or Fail

Forensic reports are generated for emails that failed DMARC validation and can include certain headers as defined for each email sending service. Forensic reports are not supported by all email receivers. The usual headers and data that Forensic reports may contain are:

  • Return-Path

  • Authentication-Results

  • DKIM-Signature

  • Received

  • From

  • Subject (Redacted to prevent sensitive information)

  • Body (preventively redacted by OnDMARC. Only character count and URLs used are kept)

  • Mime-Type

  • “X-” extension headers 

Body information is not sent by specifications of the protocol, however some email receiving servers can add the body in the forensic reports. OnDMARC removes the body information which is not stored or processed in any of our systems.

To find out how we treat information found in forensics reports please click on the button below. 


TLS Reports

OnDMARC collects, processes and stores the TLS reports associated with your MTA-STS configuration. These reports may contain the following information:

  • sender organization-name (the sender of the TLS report)

  • date-range

  • start-datetime and end-datetime

  • sender contact-info

  • report-id

  • policy-type

  • policy-mode and version

  • mx

  • policy-domain (your domain)

  • mx-host

  • total-successful tls sessions

  • total-failure-session-count

  • failure-details such as: the result of the tls session and the sending-mta-ip

  • receiving-mx-hostname

  • failed-session-count": 100

BIMI application information

OnDMARC processes and stores the following information related to BIMI.

  • Company details such as: Company Name, Street Address, City, Country and Postal Code

  • Contact details for the named Authorization Contact, Contract Signer and Higher Authority such as: Name, Family Name, Title, Phone and Email address. We also process and store the contract signer's address.

  • Company Logo

  • Trademark information

Did this answer your question?