I was talking to a friend last week about DMARC reports. Her friend, who’s a bit of an email nerd (yay!) runs his own email domain and has DMARC reports for his own domain coming back directly to him. He does this because he’s got that nerd gene and putting those DMARC reports right in front of him helps to give him a chance to learn about DMARC and its reporting. (Where it leads back to me is that he had a question about something he found in an XML report, and he asked my friend, who asked me about it. Was this XML report reflective of an email being sent from platform X? It's not always easy to know from just looking at raw IP addresses.)
Except! Wouldn’t it be nice if he also had a DMARC reporting tool building a dashboard and map, showing sending sources and locales for all the email using his domain name? That way he wouldn’t have to manually identify IP addresses from the XML-structured DMARC report email content.
The DMARC standard is structured in a way where it’s easy to have it both ways. You can still have DMARC reports come to YOU, if you want, but ALSO have them fed into a DMARC reporting tool.
The trick to do that is a simple one: In your domain's DMARC record, just take the “RUA” field – where you put your aggregate reporting email address – and add a second address (along with a second “mailto”).
Your DMARC record would look something like this:
- Before: v=DMARC1; p=reject; sp=reject; rua=mailto:dmarc@wombatmail.com
- After: v=DMARC1; p=reject; sp=reject; rua=mailto:dmarc_agg@vali.email,mailto:dmarc@wombatmail.com
In short; the best of both worlds! I can geek out with the XML on demand, but I now also have the ability to get easier-to-digest visual reporting and track activity over time without having to manually compile data on my own.
1
Comments
I do something similar as I’m frequently asked about different tools (including Valimail) and which is best for that particular client. However I setup a distribution list and have all the mail sent there, then it relays to the various DMARC reporting tools. If I need to add a new tool for testing/demo/review I just update the distribution list and the next time it’s done. So far I’ve not run into any issues with this setup.
ReplyDeleteThis setup also helps get around the limit of max two RUA addresses in the DMARC standard.