Key takeaways ✨
|
You’ve enabled Domain-based Message Authentication, Reporting, and Conformance (DMARC) to protect your brand from phishing and spoofing—an important first step for any business that sends emails. Good work!
Now, you’re receiving technical reports filled with data. They reveal essential information about your email ecosystem, including potential email threats and authentication results. Learn how to cut through the noise and turn data into actionable insights to make the most of your first DMARC report.
Table of contents
What are DMARC aggregate reports?
DMARC tells receiving mail servers how to handle emails that claim to be from your domain but fail authentication. It helps prevent phishing and spoofing attacks. They also provide visibility into your email ecosystem through detailed aggregate reports.
DMARC aggregate reports don’t contain sensitive message content, but they offer an overview of sent emails claiming to be from your domain. They show:
- Whether emails passed DMARC authentication.
- Which servers sent them according to source IP/sending domain.
- What actions did receiving mail servers take based on your DMARC policy.
These reports can help you determine whether your DMARC setup is effective, identify legitimate email sources that may be misconfigured, and detect potential unauthorized use of your domain.
Unlock 2025 inbox benchmarks now
Download Validity’s 2025 Email Deliverability Benchmark Report and learn how your inbox placement compares before your next send.
The most important DMARC information
Here’s what to prioritize:
- Failing email authentication from legitimate sources: Look for emails that are failing DMARC authentication but are coming from IP addresses that belong to your authorized email senders. These suggest a misconfiguration in your Sender Policy Framework (SPF) or DomainKeys Identified Mail (DKIM) records, which can lead to legitimate emails being sent to spam or blocked.
- Unfamiliar sending IPs: Monitor unfamiliar or unexpected IP addresses that attempt to send emails claiming to be from your domain, especially if those emails fail authentication. Flag them quickly as they indicate spoofing or phishing attempts.
- Policy actions: Review the DMARC policy actions taken by receiving servers, such as quarantine or rejection, to confirm whether your DMARC policy is being enforced as intended.
What to do with DMARC data
Here’s what to do next, depending on what the reports show:
- Legitimate emails are failing authentication: Investigate the specific email sending platforms or servers. You’ll need to check their configurations to ensure they’re correctly set up to authenticate emails from your domain. This might involve updating your SPF or DKIM records in your domain’s DNS settings. Resolve these issues to enhance your email deliverability.
- Unauthorized or suspicious senders: If the reports highlight unfamiliar IP addresses trying to send emails claiming to be from your domain, and these emails are failing authentication, this is where you leverage your DMARC policy. If your policy is set to “monitor” (p=none), consider moving it to a more enforced state, like “quarantine” or “reject.” This policy directs receiving mail servers to send those suspicious emails to spam folders or block them.
- Your DMARC policy isn’t being enforced as expected: Investigate why the receiving servers aren’t following your specified policy. Various factors can cause this to happen, but ensuring your policy is correctly published and understood by recipients is essential.
Stop stressing about email deliverability
Reading DMARC reports is an important first step in protecting your brand from phishing and spoofing. But DMARC is just one piece of the puzzle, you also need to ensure deliverability, so your readers are actually able to see your message. Litmus Deliverability helps you identify and fix deliverability threats, track your sender reputation, and gain deeper insights into how your audience engages with your emails, working hand-in-hand with DMARC to boost your email marketing ROI and get your messages to the right place: the inbox.
Lindsey is a Sr. Content Marketing Manager at Validity.
