dmarcian’s platform receives, processes, classifies and visualizes mail from your domain so you can quickly identify SPF and DKIM authentication gaps and unauthorized use of your domains. The reporting platform runs on the most accurate source classification engine in the industry and provides you with accurate and actionable knowledge for managing your email domains.
One segment of our platform is the Detail Viewer; for ease of organization in this overview, we’ve divided it into the following three sections: Search Parameters, Email Volume and DMARC Data.
The top section of the Detail Viewer is composed of search parameters that allow you to select the reporting you’d like to view. You can choose domains, reporters, IP/CIDR Range, timeframe and a compliance filter. In the compliance filter, you can choose None, which shows all data; Show impact of policy, which shows messages impacted by DMARC policy; Show non-compliant email, which shows messages failing DMARC; and Show complaint email, which shows messages passing DMARC.
The middle section of the Detail Viewer displays the Email Volume by Category. Here, you get a quick look at your email volume and in what categories they fall. Email volume is the number of emails sent from your domain(s). By mousing over images, you can extract detailed information.
The bottom section of the Detail Viewer shows DMARC data grouped by source.
In this section of the Detail Viewer, you have four navigation tabs that reveal the four high-level categories in which dmarcian classifies DMARC data. The four categories are:
- DMARC Capable – a source of email that is capable of sending DMARC-compliant email. When displayed in the dmarcian tools, DMARC-Capable sources are often accompanied by statistics showing the current level of DMARC compliance for email associated with the source.
- Non-compliant Sources – a source of email that is not capable of sending DMARC-compliant email. If you’re using a service that shows up in “Non-compliant Sources,” you can refer them to How to send DMARC compliant email on behalf of others.
- Forwarders – Forwarding typically happens when you send email to iamjohn@EXAMPLE.ORG and that someone has configured their email client to be forwarded somewhere else, like iamjohn@SAMPLE.NET. From the perspective of the email receiver (the entity that is generating DMARC XML reports) your email appears to be coming out of infrastructure that otherwise has nothing to do with you. When email is forwarded, DKIM signing can survive; SPF does not. dmarcian maintains a set of rules to identify well-known forwarders.
- Threat/Unknown – this category is for email that doesn’t fit one of our classification rules or that has been categorized as a specific threat.
The graph below the navigation tabs provides a chronological visualization of the data category you’ve selected.
Below this graph, you get a list of your sources and each of these are expandable to reveal the server names and the data columns. You can mouseover the column headers, click on the “Column Meanings” tab on the right side of the page or read the relevant article in our knowledge base to learn about the headers and how they relate to your DMARC report.
When you click on a reporter in the “Reporter” column, there is helpful sorting that appears in a popover as well as a new column which shows data in columns you have hidden when you mouse over the blue plus symbol (see below). This is helpful if you’d like quick insight into a particular row, without having to adjust your preferred column visibility options.
The Detail Viewer allows you to explore your DMARC data in a number of ways. It shows a timeline of your data along with search parameters such as From and To date selectors, domain and data-provider pickers, and a filter option that can be used to show what would have happened had a DMARC policy been in place.
Here’s a quick video of the Detail Viewer.
We’re here to help people understand and deploy DMARC, so get in touch with us if you have any questions about our platform and the Detail Viewer.