Report
The Report tab is the second part of the DMARC module and allows for an in-depth analysis of the collected logs. This view is designed for precise analysis of network traffic and verification of authentication correctness for each sending source.
Search and filtering
At the very top of the screen is a search panel dedicated to the general domain overview. In addition to the standard date range and domain selection, you can access the "DMARC compliance" filter. This tool allows you to quickly isolate specific traffic categories, such as policy-compliant messages (DMARC compliant), those failing requirements (DMARC non-compliant), relayed messages (Forwarders), or potential attacks (Threat/Unknown). Furthermore, clicking the option to expand the filters reveals the "Source" field, which lets you narrow the results to a single infrastructure provider.
Key performance indicators
Below the filters, the system presents four tiles with the most important metrics for the selected data range:
TOTAL MESSAGES: The overall volume of messages analyzed within the selected domains.
DMARC COMPLIANCE RATE: The percentage of messages that successfully passed full DMARC authentication.
SPF ALIGNED RATE: The percentage of emails showing SPF protocol domain alignment with the sender address.
DKIM ALIGNED RATE: The percentage of emails where the DKIM digital signature is fully aligned with the domain visible in the "From" address.
Main table: Source summary
The central part of the view is occupied by a table presenting aggregated data for individual sending sources (for example, MessageFlow, Google, or external CRM systems). The table displays the total number of emails generated by a given source, a list of used sending domains, and detailed compliance percentage metrics (DMARC compliance rate, SPF alignment rate, DKIM alignment rate).
To conduct an in-depth analysis of a specific sender and identify potential configuration gaps, click the "-> More" button located at the end of each row in the table.
Source report (Detailed view)
After navigating to the details of a selected source (for example emaillabs.pl), you gain access to highly precise diagnostic data and a completely new, advanced filter panel.
In this view, the search grid allows for precise filtering based on technical sending parameters:
SPF alignment (SPF DMARC) and DKIM alignment (DKIM DMARC): Domain alignment verification with the option to select Fail or Aligned.
SPF Result and DKIM Result: Detailed technical validation statuses for individual protocols (for example Pass, Softfail, Neutral, Permerror, Fail).
Applied policy: Filtering based on the final decision of the receiving server (None, Reject, Quarantine).
Infrastructure: Limiting results to Server name, IP Location of the sending machine, as well as by the assigned SPF Domain or DKIM Domain.
The data in this report has been divided into two main tabs:
All messages: A complete list of recorded traffic for a given sending source.
Threatened messages: An automatically filtered list of messages that failed to meet rigorous DMARC security requirements. The table in this tab maintains an identical data architecture (from the general server view to granular IP address parameters) but exclusively displays logs with authentication errors. Clear visual indicators (red error icons) next to protocol metrics allow for instant identification of whether the problem stems from a lack of SPF authorization, an invalid DKIM signature, or missing domain alignment.
Granular analysis and IP data
The main table in the detailed view enables a two-step log verification. In the default (collapsed) view, it provides aggregated data regarding the sending infrastructure. You will find the following columns in it:
Sender domain: The main domain used to execute the sending.
Server: The hostname of the server relaying the messages.
IP count: The number of unique IP addresses assigned to a given server.
Verified emails: The total number of messages processed by a given node.
DMARC rejections: The number of messages that failed to meet rigorous authentication requirements.
SPF and DKIM: The overall correctness percentage rate for each of the protocols.
Clicking the expand icon next to a selected row opens a detailed per-IP view. The detailed table contains precise technical parameters:
IP and IP location: The specific server IP address and its physical location.
Disposition: How the message was handled by the receiving server based on the published DMARC policy. This category can take values such as accepted (none), quarantined (quarantine), or rejected (reject).
SPF Result: The result of checking whether a given sender IP address is authorized to send messages on behalf of the sender domain. It can take values such as pass or fail.
SPF DMARC: Verification of whether the message passed the SPF check and whether the sender domain in the SPF protocol is fully aligned with the From address visible to the recipient.
SPF Domain: The domain associated with the message sender, used by the receiving server to verify the sending server's permissions.
DKIM Result: The validation result of the DKIM signature attached to the message. It checks whether the signature is correct and has not been modified during transmission (it can pass or fail).
DKIM DMARC: Verification of whether the message was correctly digitally signed and whether this signature originates from the same domain that appears in the sender address.
DKIM Domain: The domain used to cryptographically sign the message with DKIM. It confirms the sender's permissions and the integrity of the content.
Reporters: The organization or external mailbox provider that sends the DMARC report regarding messages received from your domain.
Data export
You can download detailed summaries directly from the last column named "Reporters". After clicking the icon displaying the number of reporting organizations (for example "+1"), the system will display a list of available reports for a given IP address.
Select the items you are interested in and confirm the action with the Export button.
The generated spreadsheets will be ready for download in the main Operations list tab of your account. If you select multiple reports in the panel, the system will generate each of them as a completely separate file. This approach makes further analysis easier and effectively prevents the creation of unreadable, aggregated spreadsheets.
Last updated