DMARC Reporting
DMARC reporting is the feedback mechanism built into [[dmarc|DMARC]] that sends structured reports to domain owners showing who is sending email on their behalf and whether those messages pass [[spf-record|SPF]] and [[dkim|DKIM]] authentication. Aggregate reports (RUA) are sent daily in XML format by receiving mail servers, summarizing volumes and pass/fail rates per sending source. Forensic reports (RUF) provide redacted copies of individual failed messages. Analyzing DMARC reports allows domain owners to identify unauthorized senders, misconfigured mail streams, and spoofing attempts before tightening policy from 'p=none' to 'p=reject'.
Example
After enabling DMARC with rua=mailto:[email protected], a SaaS company discovers its marketing automation tool is sending from an IP not covered by its SPF record, causing 15% of marketing emails to fail authentication silently.