{"id":182,"date":"2021-03-18T11:32:36","date_gmt":"2021-03-18T11:32:36","guid":{"rendered":"https:\/\/prodmarc.com\/knowledge\/?p=182"},"modified":"2021-03-18T11:32:36","modified_gmt":"2021-03-18T11:32:36","slug":"send-dmarc-aggregate-and-forensic-reports","status":"publish","type":"post","link":"https:\/\/knowledge.progist.net\/index.php\/2021\/03\/18\/send-dmarc-aggregate-and-forensic-reports\/","title":{"rendered":"How do mail receivers know where to send DMARC aggregate and forensic reports to?"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"182\" class=\"elementor elementor-182\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5c333115 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5c333115\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-210483bc\" data-id=\"210483bc\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7163f9d elementor-widget elementor-widget-text-editor\" data-id=\"7163f9d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><\/p>\n<p>A mail receiver looks at the domain found in the From header of an email and looks up the DMARC reporting requests for that domain. It looks at the RUA and RUF tags found and does an authorization check to see if the domains specified (in the mailto:) as report receivers have authorized (agreed) to receive reports for this From domain.<\/p>\n<p><\/p>\n<p><\/p>\n<p>Report authorization is related to when a sending domain specifies a different domain (in its RUA and RUF tags) to which reports should be sent to. The destination domain (report receiver) of the reports has to have a record which essentially says \u201cyes\u201d I can receive reports on behalf of the sending domain. If this authorization record does not exist at the report receiver side, then reports should not be sent to that domain.<\/p>\n<p><b>Aggregate reports<\/b> are received every 24 hours and include the origination details of your emails, which include the source IP address your email was generated from along with the result of your SPF and DKIM authentication. The information from aggregate reports is used to identify all your legitimate email sources and authorize them accordingly.<\/p>\n<p><b>Forensic reports<\/b> are received every time an email from your domain fails both the authentication mechanisms, SPF &amp; DKIM.&nbsp;<span lang=\"EN-US\" style=\"text-align: justify; color: var( --e-global-color-text ); font-weight: 400; background-color: transparent; font-size: 1em; line-height: 115%; font-family: &quot;Century Gothic&quot;, sans-serif;\">It contains the data which indicates that there\nis an issue with certain source, mailstream or sending IP.&nbsp;<\/span><span style=\"color: var( --e-global-color-text ); font-weight: 400; background-color: transparent; font-size: 1em;\">These reports are optional and we cannot get the reports for every failure.<\/span><\/p>\n<p><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>A mail receiver looks at the domain found in the From header of an email and looks up the DMARC reporting requests for that domain. It looks at the RUA<\/p>\n<p><a href=\"https:\/\/knowledge.progist.net\/index.php\/2021\/03\/18\/send-dmarc-aggregate-and-forensic-reports\/\" class=\"more-link\">Continue Reading<span class=\"screen-reader-text\">How do mail receivers know where to send DMARC aggregate and forensic reports to?<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","om_disable_all_campaigns":false,"footnotes":""},"categories":[7],"tags":[22,56,76,88,140],"class_list":["post-182","post","type-post","status-publish","format-standard","hentry","category-dmarc","tag-aggregate-report","tag-dmarc","tag-forensic-report","tag-mail-receivers","tag-where-to-send-dmarc-reports"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/posts\/182","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/comments?post=182"}],"version-history":[{"count":0,"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/posts\/182\/revisions"}],"wp:attachment":[{"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/media?parent=182"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/categories?post=182"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/knowledge.progist.net\/index.php\/wp-json\/wp\/v2\/tags?post=182"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}