todd herr
Reporting is an important part of DMARC. It provides valuable feedback from mailbox providers to help you identify any problems with authentication of your legitimate emails, and allows you to monitor for fraudulent email misuse of your domain name. But lots of people set up DMARC without understanding the reporting component — I myself have been guilty of simply routing DMARC reports (which tend to comprise a low volume if emails containing XML-formatted data attachments) to a folder or mailbox to review them “someday.” And if that day ever comes, I figure it would be good to understand what I’m looking at as far as the two different types of DMARC reporting — and why, ultimately, RUA (aggregate) reporting is all I (and you) should rely on. When creating a “reporting address” for your DMARC record, you might notice that there are two different “reporting” fields in the DMARC record