DMARC provides detailed reports that help domain owners monitor their domain's email-sending practices. These include DMARC aggregate reports and DMARC forensic or failure reports, offering valuable insights into authentication outcomes and potential issues.
Below is a brief explanation of their specifications and differences.
DMARC aggregate reports do not contain sensitive information, such as the From address or the email’s Subject line. They are supported by major providers like Google, Yahoo, and Microsoft and are generated every 24 hours, making them highly valuable. The information included in aggregate reports is sufficient for domain owners and analyzing DMARC aggregate reports helps gain a comprehensive understanding of their domain’s sending practices and any related issues.
On the other hand, DMARC failure (forensic) reports include more detailed information, such as the From address, Subject line, and recipient address. However, the inclusion of this sensitive data, also known as PII (Personally Identifiable Information), raises privacy concerns. As a result, major ISPs and many organizations often choose not to enable failure reporting or handle it cautiously to prevent potential data leakage.