How to Using forensic reports to identify unknown sources
While DMARC aggregate reports are great for an overview of your sending, they do not provide detailed information you can use to help locate unfamiliar sources that show up in your aggregate reports as failing DMARC. DMARC aggregate reports provide a great high-level overview of your DMARCprotected domains, but they don't show you information such as the actual IP addresses that are associated with each sending. Based on publicly available data from DNS IP intelligence and Reverse DNS lookup, we can create a report that identifies all unique sources within your aggregate reports. These unknown sources may be related to spam bots that don't send valid DKIM signatures. We have found that in some cases these are internal corporate IPs which are not regularly used for mail delivery yet may be used by the marketing department to send a few test emails. Forensic reports are one method that you can use to help identify unfamiliar sources appearing in your aggregate reports. They allow you to examine individual messages and get a breakdown of each element within a message. Using forensic reports and DMARC, you can greatly increase your ability to identify unfamiliar senders and protect your brand's inbox placement and
reputation. Forensic reports can be a powerful tool in your DMARC implementation. They provide more detailed information than the aggregate DMARC reports, but they require that you review them manually. If you want a set-it-andforget-it solution, forensic reports might not be right for you. What is DMARC forensic reporting? DMARC forensic reporting provides near real-time insight into your DMARC failures, giving you a powerful tool to identify and quarantine fraudulent emails. Using forensic reporting, you can receive a report every time an email is sent that fails DMARC. These reports are typically sent by the receiving ISP immediately after the DMARC failure occurs, allowing you to act immediately. Forensic reporting is a feature that can provide near real-time insights into your DMARC failures by delivering DMARC forensic reports to your inbox. These emails are delivered immediately after the DMARC failure occurs, allowing you to quickly address potential issues with the sending domains or email services. DMARC lets you protect your domain, and ensures that email is delivered properly to inboxes. Forensic Reporting gives you near real-time insight into things that are going wrong with DMARC at your organization. How do I start getting forensic reports? Since these reports can include personally identifiable data, there are privacy concerns surrounding them and many popular providers don't send them. DMARC Record Digests does not currently support the processing of forensic reports, but you can opt to have them sent to your own email address. You can choose to have forensic reports delivered to your own email address. While DMARC Digests does not currently support the processing of forensic reports, you can choose to have them delivered via the DMARC Hub and processed by a third party provider. Your DMARC reports are available as an email attachment in the DMARC section of your account. Access them anytime by logging into your Control Panel, then by going to 'My Domain' tab and clicking on the 'DMARC' link before entering your password. DMARC Digest provides an overview of your DMARC policy's effectiveness. Since these reports can
include personally identifiable data, there are privacy concerns surrounding them and many popular providers don't send them. You can opt to have the daily DMARC emails sent to your own email address from within your dashboard, not from third party providers. Note:- EmailAuth.io helps you get your email delivered to millions of inboxes, increase your ROI, generate more revenue and establish trust with your customers.