Once you have setup DMARC monitoring with dmarced you will receive reports giving you insight into the emails that are being sent on behalf of your domain(s). Most importantly, outbound email sources, i.e. where your emails are coming from, are gathered, enriched, and grouped, so that you get an overview on your email traffic health.

Source

In the context of DMARC, a source is an IP address of an email server that sent one or more emails on behalf of a monitored domain to a reporting recipient. As it’s hard to deal with IP addresses, they get converted into their domain equivalent, if possible.

Source categories

For contextualized recommendations and action items, your outbound email traffic is grouped into 5 “source categories” depending on whether emails were accepted by the recipient, whether DKIM and/or SPF was present and aligned, and whether a confirmed PTR record was found.

• Exact mapping of source categories

Delivered and fully verified

Congratulations, this is the ideal scenario for your legitimate email traffic. SPF, DKIM, and PTR are correctly configured for your sources and your emails are DMARC compliant. With that, your email recipients can trust that emails come from you. If one of the verification methods fails in the future, the remaining method acts as a fallback, making sure emails still get delivered.

<aside> <img src="/icons/checklist_gray.svg" alt="/icons/checklist_gray.svg" width="40px" />

Action items

• Investigate, if unexpected sources appear in this category. </aside>

Delivered after being forwarded

Emails from these sources passed DKIM but failed SPF alignment, probably due to forwarding or missing SPF setup. For some of them a confirmed PTR record may be missing.

If SPF is setup for all of your legitimate email sources, the emails reported in this section is out of your control.

<aside> <img src="/icons/checklist_gray.svg" alt="/icons/checklist_gray.svg" width="40px" />

Action items

• Make sure SPF is setup for all of the sources you control. </aside>

Delivered but lacking verification

Emails from these sources were delivered but are missing DKIM, SPF, or a confirmed PTR record.

<aside> <img src="/icons/checklist_gray.svg" alt="/icons/checklist_gray.svg" width="40px" />

Action items

• Setup DKIM for failing sources you control.
• Setup SPF for failing sources you control.
• Setup PTR records for failing sources you control. </aside>

Blocked by the recipient

These emails were blocked by the recipient’s email filters. They might be legitimate but were stopped by the recipient’s rules.

<aside> <img src="/icons/checklist_gray.svg" alt="/icons/checklist_gray.svg" width="40px" />

Action items

• Improve on your email hygiene: Clean out all of the inactive and bad addresses.
• Check if your domain(s) or IP addresses appear on blocklists. </aside>

Blocked by your DMARC policy