DMARC reports are an essential tool for combatting email authentication abuse on your domain. When you get a DMARC report, it may include some unfamiliar sources that might be addressed at domains you don’t recognize. Forensic DMARC reports can help you better understand these reports by sending more information about them. This helps uncover granular details about the origin of malicious sending sources, helping you identify spoofing attempts and take action against them faster.
Unfortunately, not all domains support sending forensic DMARC reports, but the good news is: many do.
We have made a list of a few known domains that send forensic reports on DMARC failure:
(Note: this is not a complete list)
Note: Gmail and Office 365 are among popular ESPs that do not send DMARC forensic reports.
If any one of the above-mentioned domains is used to send an email that is not authorized and would fail DMARC authentication, on your behalf, you will receive a DMARC forensic report that you can view in the Forensic report section on our DMARC report analyzer dashboard.