The Reports section of OnDMARC contains the following information:

  1. Domain - drop-down menu to select the domain that you want to view reports for.

  2. Time period - can be customised to show different time periods.

  3. Compliance - graph showing the results of DMARC validation of emails.

  4. Senders - contains all sources that send email on your domain's/subdomain's behalf 

  5. Receivers - contains information on the receivers of your emails.

  6. Locations - location of emails closest to the receivers

  7. Delivery - shows total delivery rate for the specified time period per domain or sender if you have gone into a particular sender and then select the Delivery tab.

Examples of each tab is shown below.

Domain and Time period:

Compliance

 Senders

This section contains information about the sources that send emails on your behalf. It has been split into 5 separate tables:

  • All - contains all senders

  • Assets - contains only a view  of your Assets

  • Forwarders - contains senders that you have classified as Threats but are passing DKIM 100% therefore suggesting forwarding behaviour. 

  • Threats - contains only a view of your Threats

  • Unknown - contains all senders that you have not yet classified. You can use the multi-select feature to classify senders from this section.

To help you troubleshoot any DMARC validation failures for a given source please click on the row that contains the failures. You will be presented with information related to each protocol DMARC, SPF and DKIM on separate tabs, the reasons for the failures per protocol and the disposition of the emails.

Receivers

If you would like to see the receivers for a given source you could do that by going to the source in question and then clicking on the Receivers tab as show below. 

Locations

Delivery

This section shows the percentage of DMARC fails, DMARC policy overrides and ARC overrides and displays a percentage of each per day for the time period specified. Although DMARC validation might have failed (ie. SPF and DKIM have failed) a receiver might choose to override the DMARC policy specified and accept the message. This counts as DMARC override.
Another protocol that helps with indirect mail-flow that breaks SPF and DKIM is ARC. It can be used to override the results and any DMARC validation failures as well. For more information on ARC please see the below article. The point of this tab is to show the total delivery rate taking into account all overrides in order to reach 100%.


Learn more about OnDMARC forensic reports by clicking the button below.

Did this answer your question?