Agari gives insight into your email infrastructure that you may not have had the opportunity to explore before. You now have all of this data, but what do you do now? How can you take all of this information provided and make sense of it in a way that helps prepare you to make the policy changes that are needed to fully benefit from DMARC? You don't have to guess or be overwhelmed. We provide you with all the information you need in a way that is easy to understand and easy to research.
You will find that we have presented your DMARC reporting data in a way that makes it easy for you to understand what is being presented as well as giving you the freedom to drill down further to really research the information so you feel confident implementing DMARC in your organization. We have created different breakdowns of your data to make it even easier to find what you are looking for, all of these can be found under Analyze > Email Traffic.
What does my DMARC trend look like?
This graph will show you messages that we have had reported that either passed DMARC or failed DMARC. You will receive additional details about the messages being reported below the bar graph. Anything reported in blue means you can drill down to continue researching those messages.
What's happening to messages failing DMARC?
This graph is where you can see what happens to messages that have received an overall DMARC Fail. You are also provided with additional information below which will give dates as well as total numbers and percentages of messages. If the information is presented in blue, this means you can drill down further for additional information.
Which messages pass DMARC with SPF and DKIM?
The DMARC trend gives you a breakdown of messages being reported that have SPF Pass/DKIM Fail, DKIM Pass/SPF Fail, and Passed Both. If you would like to only look at Fails and not passes you can click one of the views from the key to toggle them on/off. In the bar graph shown below, you are presented with additional information such as Domain, and a total number of messages. The information displayed will change depending on which part of the bar graph above you have clicked on to review. For example, if you click on the green Pass Both for a selected day you will be presented with further details on that selection. If the information is presented in blue, this means you can drill down further for additional information gathered.
Which ISPs do I send email to?
This view allows you to see all messages reported by a given ISP, broken down by authentication results.
How much email using my domains is legitimate?
This view allows you to see which emails are being sent from known IP spaces you have specified or have been found in DNS for your organization. You also can see which emails are being sent from outside this known IP space. This will allow you to see if you have other IP's you may not have listed in SPF as trusted, or they could be IP's from malicious senders who are phishing.
Reviewing this information will give you a better understanding of how the world views your email authentication as well as how receivers are handling your messages. When you begin to see all of your legitimate email passing DMARC and all of the emails outside of your known IP space who are phishing your domain are shown as DMARC failures, then you can feel confident to move to a DMARC Reject policy.
Please sign in to leave a comment.