- Aggregate (RUA) reports do not contain any PII or sensitive information. They just provide a daily overview of:
- The email receiver that sent you this report
- number of emails sent from your domains,
- their DMARC, DKIM and SPF alignment and authentication results (i.e did they pass/fail the respective check) and
- The IP address of the server that sent emails from your domain
Below is a sample raw XML aggregate report,
<record>
<row>
<source_ip>209.85.220.41</source_ip>
<count>11</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<envelope_from>mail.domain1.com</envelope_from>
<header_from>domain1.com</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>domain1.com</domain>
<result>pass</result>
</dkim>
<spf>
<domain>mail.domain1.com</domain>
<result>none</result>
</spf>
</auth_results>
</record>
Forensic reports on the other hand can potentially have some sensitive information as they include the following details:
- Your From domain
- Time email was received
- The IP address of the server that sent emails from your domain
- Subject line
- DMARC,SPF and DKIM Authentication results
- Headers of the failing email
However, we protect your privacy by supporting forensics encryption as explained in the next point.
2. With our forensics encryption feature, you need to generate a PGP key pair and then upload your public key into your PowerDMARC account. Once you do that, we encrypt all of your forensic reports with the public key you uploaded so that only you, the private key holder can decrypt them. As we do not have access to your private key, we as service owners are unable to read your forensic reports either.
Below are examples of encrypted and decrypted forensic reports respectively:
a. Encrypted Forensics
b. decrypted forensics
