DMARC Analyzer 2.0 - Compliance Reporting

The Reporting section in Mimecast DMARC Analyzer gives you a complete view of your domain’s email authentication compliance. It helps you monitor your progress, spot issues, and take action to improve your email security.

Overview

The Compliance report in Mimecast DMARC Analyzer gives you a clear, high-level view of how well your domains are protected by email authentication standards (DMARC, DKIM, and SPF). It helps you:

  • Understand which domains are compliant and which need attention.
  • Track changes in compliance over time.
  • Identify and fix issues that cause DMARC failures.

The report is divided into three main tabs:

  • Compliance Status
  • Changes Over Time
  • Actions

Each tab provides different insights to help you monitor and improve your email authentication posture.

Downloading Compliance Report

To download the Compliance Report, follow these simplified steps:

  1. Log in to the Mimecast Administration Console.
  2. On the left menu panel, navigate to More Services | DMARC Analyzer 2.0 | Compliance Report
  3. In the upper right corner of the summary card, click Export.
  4. Click Download in the resulting widget pop-up.

What Does the Reporting Section Do?

The Reporting section is divided into three main tabs:

Compliance Status

The Compliance Status tab provides a real‑time snapshot of DMARC compliance across your domains.

Filtering by Domain Groups

You can filter the report by specific domain groups to focus on a particular set of domains (for example, production domains, marketing domains, or a specific region). This allows you to compare performance across different parts of your organization and prioritize where to act first.

Compliance Overview

The top of the report shows a visual overview of your current compliance:

  1. Circular chart
  • Shows the percentage of compliant vs. non‑compliant domains in the selected domain group.
  • Quickly highlights whether most of your domains are protected or at risk.
  2. Bar chart over time
  • Displays how compliance has changed over a chosen time period.
  • Green bars represent compliant domains.
  • Red bars represent non‑compliant domains.

These charts help you immediately see whether your compliance posture is improving, stable, or declining.

DMARC Compliance Breakdown

Below the overview, the report breaks down your email traffic into three main categories:

  1. DMARC Compliant

Email that passes DMARC with proper alignment. This includes:

  • Fully aligned messages (SPF and/or DKIM aligned with the domain in the From: header).
  • SPF‑aligned messages.
  • DKIM‑aligned messages.

This traffic is considered safe and correctly authenticated.

  2. DKIM or SPF Validated (Not Fully Aligned)

Email that passes either DKIM or SPF, but is not fully aligned with your DMARC policy.

These messages are authenticated but may not fully meet DMARC alignment requirements. They are often a good starting point for tuning alignment and tightening policies.

  3. DMARC Failed

Email that fails DMARC authentication. The report shows:

  • Affected domains and the associated email volume.
  • Failure reasons, such as:
  1. Forwarded
  2. Sampled Out
  3. Trusted Forwarder
  4. Mailing List
  5. Local Policy
  6. Other
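
The same three-way breakdown can be reproduced from a raw DMARC aggregate (RUA) report. This is an added example, not Mimecast's code: it assumes the RFC 7489 report schema, where the failure reasons listed above appear as override types (`forwarded`, `sampled_out`, and so on), and the bucket names and sample records are constructed for illustration. How the product itself assigns traffic to each category is not described on this page.

```python
import xml.etree.ElementTree as ET
from collections import Counter

def _record(count, dkim_aligned, spf_aligned, dkim_raw, spf_raw, reason=""):
    """Build one constructed <record> in the RFC 7489 aggregate-report layout."""
    why = f"<reason><type>{reason}</type></reason>" if reason else ""
    return (
        f"<record><row><source_ip>192.0.2.1</source_ip><count>{count}</count>"
        f"<policy_evaluated><disposition>none</disposition><dkim>{dkim_aligned}</dkim>"
        f"<spf>{spf_aligned}</spf>{why}</policy_evaluated></row>"
        "<identifiers><header_from>example.com</header_from></identifiers>"
        f"<auth_results><dkim><domain>esp.example</domain><result>{dkim_raw}</result></dkim>"
        f"<spf><domain>esp.example</domain><result>{spf_raw}</result></spf></auth_results></record>")

# Constructed sample report, not real traffic.
SAMPLE = "<feedback>" + "".join([
    _record(120, "pass", "pass", "pass", "pass"),             # SPF and DKIM aligned
    _record(40, "pass", "fail", "pass", "fail"),              # DKIM aligned only
    _record(25, "fail", "fail", "pass", "pass"),              # authenticated, but as another domain
    _record(9, "fail", "fail", "fail", "fail", "forwarded"),  # failed, receiver noted forwarding
    _record(3, "fail", "fail", "fail", "softfail"),           # failed, no override reason
]) + "</feedback>"

def classify(report_xml):
    """Return (message counts per bucket, override reasons on DMARC-failed mail)."""
    # Reports come from third parties: refuse DTDs and entities before parsing.
    if "<!DOCTYPE" in report_xml or "<!ENTITY" in report_xml:
        raise ValueError("DTD/entity declarations are not expected in a DMARC report")
    buckets, reasons = Counter(), Counter()
    for rec in ET.fromstring(report_xml).iter("record"):
        count = int(rec.findtext("row/count", "0"))
        evaluated = rec.find("row/policy_evaluated")
        # policy_evaluated holds the aligned verdicts; auth_results holds the raw ones.
        aligned = {m for m in ("dkim", "spf") if evaluated.findtext(m) == "pass"}
        raw_pass = any(r.text == "pass" for r in rec.findall("auth_results/*/result"))
        if aligned:
            buckets["compliant:" + "+".join(sorted(aligned))] += count
        elif raw_pass:
            buckets["validated_not_aligned"] += count
        else:
            buckets["failed"] += count
            for r in evaluated.findall("reason/type"):
                reasons[r.text] += count
            if evaluated.find("reason") is None:
                reasons["(none reported)"] += count
    return dict(buckets), dict(reasons)

if __name__ == "__main__":
    print(classify(SAMPLE))
```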

Changes Over Time

The Changes Over Time tab helps you understand how your email authentication posture is evolving.

  1. Invalid Records Overview

This section highlights the health of your DNS records over time:

  • A bar chart shows the number of invalid DMARC, DKIM, and SPF records.
  • Percentage indicators show whether invalid records are increasing or decreasing for each protocol.
  2. Source Compliance in the Last 30 Days

This view groups your sending sources into clear categories:

  • Authorized Compliant Sources - Approved senders that are configured correctly and meet DMARC requirements.
  • Authorized Non‑Compliant Sources - Approved senders that are not yet correctly configured. These sources typically require updates to SPF, DKIM, or alignment settings.
  • Unauthorized Sources - Senders that are not recognized or not allowed to send on behalf of your domains. These are often high‑risk and need prompt investigation.
  • Identified Forwarding Sources - Forwarders that may affect authentication results, such as mailing lists or gateways along the delivery path.
  • Under Investigation Sources - Sources that have been flagged but still require review to determine if they should be authorized or blocked.
  3. Domains That Changed DMARC Status

This section lists domains that have recently changed their DMARC policy, including:

  • Moved to Quarantine (for example, p=none to p=quarantine).
  • Moved to Reject (for example, p=quarantine to p=reject).

Actions

The Actions tab turns insights into specific next steps. It provides a prioritized, actionable list to help you improve compliance.

You will see guided recommendations grouped into two main areas:

  1. How to Improve Your Source Authentication

Recommended tasks to ensure your sending sources are correctly set up, such as:

  • Enabling and correctly signing with DKIM.
  • Updating SPF records to include new or missing sources.
  • Adjusting alignment so that From: domains match authenticated domains.
  2. Actions to Improve Your SPF/DKIM/DMARC Records

Guidance on improving your DNS configuration, for example:

  • Fixing invalid records (syntax errors, duplicates, or conflicting entries).
  • Removing deprecated or unused entries.
  • Gradually tightening DMARC policies from p=none to p=quarantine and p=reject when you are ready.

These recommendations are designed to help you move safely and confidently toward full enforcement across your domains.
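
The record problems named above (syntax errors, duplicates) and the p=none, p=quarantine, p=reject progression can be checked directly against the published TXT records. This is an added example, not Mimecast's code: the function names and sample records are constructed, and it assumes you have already fetched the TXT strings for `_dmarc.<domain>` and for the domain itself.

```python
DMARC_POLICIES = ("none", "quarantine", "reject")  # order of increasing enforcement
SPF_LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists", "redirect")

def check_dmarc(txt_records):
    """Check TXT records found at _dmarc.<domain>; return (issues, policy, next_policy)."""
    found = [r.strip() for r in txt_records if r.strip().lower().startswith("v=dmarc1")]
    if len(found) != 1:
        # RFC 7489: with zero or several DMARC records, DMARC is not applied at all.
        return [f"expected exactly 1 DMARC record, found {len(found)}"], None, None
    issues, tags = [], {}
    for part in filter(None, (p.strip() for p in found[0].split(";"))):
        name, sep, value = (s.strip() for s in part.partition("="))
        if not sep or not name or not value:
            issues.append(f"syntax error in {part!r}")
        elif name.lower() in tags:
            issues.append(f"duplicate tag {name!r}")
        else:
            tags[name.lower()] = value
    policy = tags.get("p", "").lower()
    if policy not in DMARC_POLICIES:
        issues.append(f"missing or invalid p= value {policy!r}")
        return issues, None, None
    step = DMARC_POLICIES.index(policy) + 1
    # Suggest the next policy only when the current record is clean.
    nxt = DMARC_POLICIES[step] if step < len(DMARC_POLICIES) and not issues else None
    return issues, policy, nxt

def check_spf(txt_records):
    """Check TXT records found at the domain for duplicate SPF records and lookup count."""
    found = [r.strip() for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(found) != 1:
        # RFC 7208: more than one SPF record makes evaluation fail with permerror.
        return [f"expected exactly 1 SPF record, found {len(found)}"]
    terms = found[0].lower().split()[1:]
    # Counts only this record's own terms; nested includes add further lookups.
    lookups = sum(t.lstrip("+-~?").split(":")[0].split("/")[0].split("=")[0]
                  in SPF_LOOKUP_TERMS for t in terms)
    issues = []
    if lookups > 10:
        issues.append(f"{lookups} DNS-querying terms exceed the SPF limit of 10")
    if len(terms) != len(set(terms)):
        issues.append("duplicate mechanisms in SPF record")
    return issues

if __name__ == "__main__":
    # Constructed records, not taken from a real zone.
    print(check_dmarc(["v=DMARC1; p=none; rua=mailto:dmarc@example.com"]))
    print(check_spf(["v=spf1 include:_spf.example.net -all", "v=spf1 mx -all"]))
```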
