Thank you both for clearifying this. Now I can relax and may find
anything useful to do with these reports.
Please have a nice weekend.
Kind regards,
Michael
p.s. Sorry Paul, I pressed the wrong button. :/
Am 26.11.2021 um 19:44 schrieb Paul Pace:
On 11/26/21 8:57 AM, Michael Taubert wrote:
Hi everyone!
Recently I've received some dmarc reports from various hosts like
google, yahoo, and so on. Are these reports of any use or just
information for me? I mean, is there any action required when I got
reports of failed dkim or spf?
All the addresses in these reports does not belong to my mail server.
So I think they just use my domain in the header to spam around.
Well, at least, they trying to.
I feel a bit lost as I don't know what to do about these reports.
Thanks in advance.
Kind regards,
Michael
I would guess these are aggregate reports being sent because the DMARC
TXT record instructs them to:
$ dig +short txt _dmarc.arachnodroid.de
"v=DMARC1;p=none;pct=100;rua=mailto:postmas...@arachnodroid.de;";
The aggregate reports are sent based on a time period.
From RFC 7489 7.2[1]:
> Visibility comes in the form of daily (or more frequent) Mail
Receiver-originated feedback reports that contain aggregate data on
message streams relevant to the Domain Owner. This information
includes data about messages that passed DMARC authentication as well
as those that did not.
Paul
[1] https://datatracker.ietf.org/doc/html/rfc7489#section-7.2
