search cancel

DMARC reporting shows too much information

book

Article ID: 175621

calendar_today

Updated On:

Products

Mail Security for Microsoft Exchange Email Security.cloud Messaging Gateway Messaging Gateway for Service Providers

Issue/Introduction

  • I have a DMARC report that shows a full email and I am concerned about data retention
  • I have an email that contains a DMARC report that might be a GDPR violation.

Cause

Failure reports that show full emails are called Forensic Reports, known as RUF in DMARC nomenclature.

If a DMARC record includes a statement like "[email protected]", then this gives permission for other domains to send Forensic Reports.

Resolution

Per dmarc.org, if there is no ruf field in the DMARC record, then no forensic reports should be sent.

For more information, please review dmarc.org and the associated RFCs for DMARC.