How to Use GlockApps DMARC Digest
DMARC Analytics Digests are the weekly or monthly reports that contain summarized data about the email volume, sending sources, and changes in email authentication for the domain.
DMARC Analytics Digests help system administrators, domain owners, businesses and organizations monitor their domains, control outbound email traffic and sending sources, quickly see the changes in SPF, DKIM, and DMARC compliance ratios compared to the last period, and resolve the detected issues in a timely manner.
DMARC Analytics Digests Overview
DMARC Analytics Digests are stored in your user account in DMARC Analytics -> Digests.
The Digests dashboard represents a table with the following columns:
Domain – domain name the digest is created for;
Created – date when the digest is created;
Type – digest type (weekly or monthly);
Severity – level of how critical the detected issues are:
Healthy – everything is good;
Info – everything is good, still there is something you should be aware of;
Warning – something is not working normally;
Critical – there is an issue that requires an immediate action.
Resolved – digest status (resolved or unresolved).
You can click on the column title to sort the digests by that column.
By clicking on the menu at the right side, you can mark the digest as read/unread, resolved/unresolved, or delete the digest from the dashboard.
To apply the above actions to more than one digest at a time, put the check marks next to the digests and use the options at the top before the Search field.
To the right of the Search field, there are the Filters and Settings icons.
Using the Filters, you filter the digests by Severity and Status.
In the Settings, you can choose the channels to receive notifications about new digests created in your account and the digests type: weekly or monthly.
Weekly digests are created every Monday.
Monthly digests are created the first day of every month.
DMARC Analytics Digests Analysis
To view the digest report, click on the domain name in the dashboard.
The digest consists of the following parts:
Emails Reported
This is the number of email messages sent from the domain during the last period. The diagram shows the breakdown by days and allows you to identify the days with the highest and lowest sent volume.
DMARC Compliance
The DMARC Compliance ratio is the percentage of DMARC compliant messages sent from the domain during the last period.
The Change ratio is the change in the DMARC compliance rate compared to the last period. The minus sign before the number means the decrease of the DMARC compliance ratio.
The table below the diagram with the current DMARC policy for the domain shows the changes in SPF alignment, DKIM alignment, volume of emails sent by unknown sources, and forwarded emails:
Example:
Failed SPF alignment: Current period: 125 (3.84%) Change from last period: 10.41%
The above means that 125 messages or 3.84% out of the total number of emails sent from the domain during the last week/month failed SPF alignment. It is 10.41% more compared to the previous period.
Emails from unknown sources: Current period: 82 Change from last period: -9.56%
The above means that 82 emails were sent by unknown sources on behalf of the domain during the last week/month, which is 9.56% less compared to the previous period.
Known Sources
These are the sources authorized to send emails on behalf of the domain by the SPF record.
Unknown Sources
These are the sources not authorized to send emails on behalf of the domain by the SPF record.
Forwarded Sources
These are the sources that received and forwarded the emails to other recipients.
The report will show the top five sources that sent the highest number of emails if there are more than five sources.
For each source, you’ll have the number of sent emails (Volume), DMARC compliance ratio (DMARC), SPF compliance ratio (SPF), and DKIM compliance ratio (DKIM).
Return-Path Domains
The Return-Path domain is the domain that the receiving mail server uses to get the SPF record and verify if the sender is authorized to send the email.
The Return-Path domain is used to verify SPF alignment or evaluation. If the Header From domain doesn’t match the Return-Path domain, SPF alignment fails. In the relaxed mode, only the organizational domain has to match, i.e. the use of a sub-domain set up on the Header From domain as the Return-Path domain is allowed.
For Return-Path Domains, you’ll have the following data:
Volume – number of email messages sent during the last period.
SPF Eval Pass – number of email messages that passed SPF alignment or evaluation.
SPF Record –result of the SPF record check. OK means “valid”, Error means the record is not valid. If the SPF record is not correct, the error description will appear in the SPF Error column.
Action Steps
This part of the digest report outlines the issues and provides the steps to resolving them. It is important to address the issues urgently if the digest has the Critical severity type. Critical issues mean serious email authentication breaches and will lead to filtered or blocked emails. Digests with the Warning tag are less critical but also tell about email authentication issues that must be resolved in a timely manner. After you analyze the digest report and address the detected problems, you can mark the digest as Resolved in the main dashboard.
DMARC Analytics Digests are stored in your user account for one year after the date of creation. You can download the digest report as PDF using the PDF option at the top of the report.