Reports and Intepretation

DMARC Monitor is a tool developed by Logix for your compliance.

DMARC is being adopted widely as an email authentication standard for receiving mail servers to determine how to evaluate emails that claim to be from your domain.

Reports

ISPs who support DMARC will also generate reports on sending activity for your domain. The reports are XML files that are emailed to the email address specified in your DMARC record.ISPs who support DMARC will also generate reports on sending activity for your domain. The reports are XML files that are emailed to the email address specified in your DMARC record. The reports contain the sending source (domain/IP) along with whether the message passed or failed SPF and DKIM. This is one of the best aspects of DMARC. Not only does it allow you to control email security for your domain, it also gives you deep visibility into who is sending on your behalf AND if they are signing with DKIM or passing SPF.

Analyse – Interpretation of data reports

The reporting and data received after implementing DMARC can be difficult to interpret. After implementing DMARC, organizations will begin to receive raw data with many potential insights into their email traffic. Having the capacity and expertise to transform this data into meaningful information can be an issue. Fortunately, if senders are willing to invest, this can be solved with managed services, who can take the data and turn it into actionable insights for senders.

Logix_logo

Logix with its more than 18 Years of experience in Enterprise Email & Email Security has experts who will interpret these reports & define an action plan to achieve maximum compliance.

Assess with DMARC Monitor

The reports that DMARC Monitor generates can help identify servers / IP’s which are sending email On-Behalf of your domains .

  1. These servers/IP’s can be identified and SPF appropriately updated.
  2. All servers including the corporate email system will have to pass through Common email gateway which enforces DKIM.

DMARC brings these two mechanisms together in a powerful manner by allowing senders to specify a policy that tells receivers what to do with email messages that fail to pass SPF and/or DKIM validation. DMARC also enables senders to receive data back from receivers, providing insight into fraudulent email patterns. Before DMARC, there was not an effective feedback channel for failed email, so senders were largely in the dark on email once messages left their servers.

DMARC Monitor Policies

There are only three DMARC policies that a sender can specify, and thus, three deployable configurations for DMARC:

  • p=none: Tells the receiver to do nothing to the message except report back to the sender that it failed DMARC validation. Basically, the sender tells the receiver to deliver the message but lets the sender know why it failed DMARC validation.
  • p=quarantine: Tells the receiver to treat the message as spam, results in delivery of the message to the recipients’ junk/spam folder, and then tells the receiver to report back on why the message failed validation.
  • p=reject: Tells the receiver to block the message and report back on why the message failed validation.

Compliance Mentor - DMARC Monitor Handholding

The Above steps ensure , All legitimate mails are following compliance , till we reach more than 90 % Compliance , DMARC should be configured as p=quarantine , If constantly DMARC Monitor shows above 90 % , Then the same can be set as p=reject

Logix handholds the customer to point that customer can take decision to change DMARC Configuration to  p=reject.