DMARC, or Domain-based Message Authentication, Reporting and Conformance, is an email authentication protocol that allows domain owners to publish policies in their DNS records that specify which mechanisms are used to authenticate emails sent from their domain. DMARC also provides a mechanism for receiving reports about messages that pass or fail DMARC evaluation.
Antispam systems can be configured to send DMARC reports back to the domain owner or to a designated third party. These reports can provide valuable information about the messages that are being sent from a domain, including whether they pass or fail DMARC evaluation and any actions taken by the receiving system as a result of the DMARC evaluation.
DMARC reports can be sent in either an aggregate or forensic format. Aggregate reports provide a summary of DMARC evaluations for a given time period, while forensic reports provide detailed information about individual messages that fail DMARC evaluation.
To receive DMARC reports, the domain owner must publish a DMARC record in their DNS and specify a destination for the reports. This can be done using the "rua" (report URI for aggregate reports) and "ruf" (report URI for forensic reports) tags in the DMARC record.
