Why Am I Not Receiving DMARC Aggregate or Forensic Reports?

Aggregate Reports Forensic Reports

Say you've created your DMARC record and published it in the DNS, now you expect to see some nice reports dripping in, except that none can be found in your specified mailboxes! Why are you missing DMARC reports?

No worries. Let's find out!

Here is a checklist for troubleshooting the issue of not getting DMARC reports:

  • is your DMARC record readily available in the DNS, and is the syntax correct?
  • do you have only one DMARC record on your domain?
  • is external domain verification (EDV) set up on your domain?
  • are the specified mailboxes working as expected?
  • have any emails been sent since your published the DMARC record?
  • retry after 1 day or 2;
  • keep in mind that only some email service providers send forensic (failure) reports.

We will go through the list in detail below.

Check your DMARC record in the DNS

Email service providers (ESP) rely on the DMARC record published in the DNS to enforce the DMARC policy and find the recipient mailboxes by looking up the rua and ruf tags in the record. So the first thing here is to make sure your DMARC record is published correctly and accessible in the DNS. To do so, use our free DMARC checker to check your DMARC record. Watch out for the record availability and syntax correctness.

Here is a post on How to Check DMARC Record.

Make sure only one DMARC record is published on your domain

To ensure correct DMARC processing, you must publish one and only one DMARC record on your domain. See Can I Have Multiple DMARC Records on My Domain?

If you find multiple DMARC records on a single domain, remove all of them except one.

Check if external domain verification (EDV) is set up

When you use a rua tag and publish a DMARC record like this:

v=DMARC1; p=none; rua=mailto:[email protected];

you are requesting compliant email service providers to send aggregate reports to the specified email address [email protected]. However, the owner of [email protected] must grant you the permission before you can do so. Otherwise, these reports won't be sent to that particular email address. This is called external domain verification (EDV).

External domain verification works like this:

  • the owner of reporting.com publishes an EDV record at:

    example.com._report._dmarc.reporting.com

    with the value v=DMARC1 to the DNS, in order to enable EDV;

  • before an email service provider sends an aggregate report to [email protected], it needs to check if reporting.com has allowed reports on example.com to be sent to it. It does this by looking example.com._report._dmarc.reporting.com up in DNS. If this record exists, and it's value is v=DMARC1, the report will be sent; otherwise not.

Note that the above EDV record is per domain, i.e., it only allows reports on example.com to be sent to [email protected]. If you want reports on anotherexample.com to be sent to [email protected], you will need to publish an EDV record for anotherexample.com.

If you want to allow reports on any domain to be sent to [email protected], publish a wildcard EDV record at:

*._report._dmarc.reporting.com

If you are using DMARCLY to process your DMARC reports, you don't need to worry about EDV - DMARCLY handles that for you already.

Make sure your recipient mailboxes are accepting emails

It goes without saying that the specified mailboxes must be able to accept emails wit XML/zip/gz(ip) attachments so that DMARC reports can go through. If you are not seeing any report after a few days, check your mailbox settings to make sure nothing is blocking the incoming reports.

If you are using DMARCLY, you don't need to worry about this. DMARCLY mailboxes accept DMARC report emails just fine (of course).

Use default DMARC record

Sometimes unintended changes in the DMARC record can mess the settings up a bit, and cause mailbox service providers to not send DMARC reports.

One way to make sure that you will receive DMARC aggregate reports is to use the DMARC record generated with default settings in the DMARCLY dashboard. Simply log in, go to DNS Records/Publish DMARC Record, then publish the DMARC record on that page without any modification.

There need to be emails sent from your domain

This is another obvious point: if there is no email sent from your domain, you won't see any DMARC report whatsoever! So make sure emails have been sent from the domain. In addition, if your email volume is low, there can be an additional few days before you receive your first reports.

Retry after 1 day or 2

ESPs send DMARC aggregate reports periodically, typically everyday by default. This means it's absolutely normal if it takes 1 day or 2 to get your first aggregate reports.

Only some ESPs support forensic reports

Unlike DMARC aggregate reports which are universally supported, only some ESPs support forensic reports. You won't get any forensic reports from whose who don't.

See here for an incomplete list of ESP's that have support for DMARC forensic reports.

Upload historical data

In case you are so eager to see DMARC aggregate data in the dashboard and you don't want to wait until the next day, you can upload your historical data so that DMARCLY can render it.

Go to Data/Upload Reports, and upload the DMARC aggregate report files there. Once uploaded, your data will show up instantly on the Aggregate Reports page. Remember to pick the correct date range when the reports were received when you view the data.

Summary

After you've struck the items off the checklist above, you should be fine. Just sit back, relax, and grab a beer. Your DMARC reports are on the way to your mailboxes!

However, if you are still experiencing issue at this point, please drop a line at: support(at)mail.dmarcly.com. We are happy to help!

Previous Post Next Post

 Protect Business Email & Improve Email Deliverability

Get a 14 day trial. No credit card required.

Create Account