For those who have implemented DMARC with a quarantine or reject policy and set up RUA reporting, I'm curious about how you're handling those reports. Are you utilizing a paid service, or are you managing with free options?
5 Answers
The XML reports can be a pain to read, but once you route them into an aggregator, it's pretty straightforward to see what’s working and what’s failing. For self-hosted solutions, 'parsedmarc' is awesome! It pulls reports into Elasticsearch or Postgres, and you can visualize with Kibana or Grafana. It’s free and really quick to set up!
I like the self-hosted route too—used this tool called Open Report Parser before. It was effective for handling DMARC reports.
When we were on a p=none policy, we checked the reports to assess potential issues before moving to reject. Now that we're rejecting, we pretty much ignore those reports unless something goes awry.
We go with ProofPoint Email Fraud Defense. It's a solid choice for us, especially since we were already using ProofPoint for other services.
I’m a fan of Suped for DMARC monitoring. It takes care of report aggregation and alerts while keeping it easy on my end. Plus, there are free tiers from many providers if you only need basic insights.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures