RUF – What is it Good for?
There are two types of DMARC reporting—the aggregate reporting (RUA) is the most important one where you see high-level information such as SPF passing or failing, DKIM passing or failing, and the domains. RUF reports are redacted copies of individual emails that are not 100% compliant with DMARC.
Forensic reporting (RUF), once widely used for email troubleshooting, has been marginalized because of privacy concerns.
Originally, the forensic reporting was very useful when it came to troubleshooting sources and third-party senders. It was handy to have the forensic report so you could pinpoint where SPF was failing, for example. Forensic reporting was pretty vigorous in the information that it provided; today, when most clients ask what you can do with it, the basic answer is, not much.
The good news is that forensic reporting isn’t required for DMARC; at a minimum, you should configure your DMARC record to receive RUA reports.
The decline of forensic reporting
RUF began its decline in late 2015. It was motivated by privacy concerns that were becoming more and more at the forefront of people’s minds. Conversations around how personal data was shared and where data was stored became more common.
Everyone in the industry became more privacy-conscious; those concerns continue at a feverish pace as organizations tighten privacy standards after data breaches or bad press. Google, the biggest email platform out there, doesn’t send them, and Hotmail discontinued RUF.
The biggest challenge with RUF falling off is troubleshooting when something goes wrong. In the past, you could just look at the RUF report and tell where the issue was. Sometimes you come up with creative approaches while working towards a solution, like looking at a test email to explore header information that would have been available via the forensic report.
Do I need RUF Reporting?
The short answer is no. dmarcian’s services have been developed to reach compliance goals without a need for reliance upon RUF reporting. As we’ve mentioned, many receivers will not provide RUF reporting due to the potential personally identifiable information (PII) that reports may contain.
Want to continue the conversation? Head over to the dmarcian Forum.
