DMARC reports are organized DMARC authentication and sender alignment data that are typically delivered to a designated email address or accessible through a web-based portal. Once you have the reports, you can analyze them to gain insights into the DMARC authentication status and handling of email messages sent from your domain.
In this Blog Post, I will show you some online websites with useful tools to help you manage your DMARC reports.
Table of Contents
Check Your Domain DMARC/SPF/DKIM Status
Some resources we can use online for DMARC deployment:
3DMARC Report (https://app.dmarcreport.com/) (jy @ 51sec): Manage and monitor your DMARC configuration and reports
DMARC uses a combination of SPF and DKIM to authenticate email. An email needs to pass either SPF or DKIM to pass DMARC and be delivered successfully. And it also adds one key feature that makes it far more effective than SPF or DKIM alone: Reporting.
Policy set to none
_dmarc.contoso.com 3600 IN TXT "v=DMARC1; p=none"
Policy set to quarantine
_dmarc.contoso.com 3600 IN TXT "v=DMARC1; p=quarantine"
Policy set to reject
_dmarc.contoso.com 3600 IN TXT "v=DMARC1; p=reject"
Once you’ve formed your record, you need to update the record at your domain registrar.
For example, for 51sec.org site, we can create one _dmarc TXT record:
You can check the ip to see if it is making sense to you where you might have sent out an email to hotmail.com. If you have no idea about this ip and sent-to-domain hotmail.com, most likely, someone is trying to spoof your domain to send emails to hotmail.com.
Here is how it looks like from dmarcreport.com website with this reported DMARC record.