DMARC monitoring for a secure mail domain
DMARC is an email standard that provides insight into your entire email traffic. Therefore, all systems that receive emails on behalf of your organisation/domain share a daily technical report/summary of all emails they have received on your behalf.
These are XML files that can sometimes contain thousands or even tens of thousands of lines of “code”. The number of reports per domain per day can also vary from a few reports to hundreds per day. The reports contain information about:
-
the number of messages sent from a single IP address during the reporting period
-
the authentication results of the received messages
-
all actions taken by the receiving server on the messages received (delivered, delivered in the SPAM or held back)
The IP addresses are most crucial element of these reports. Because the internet consists of a network of all kinds of nodes, this means that e-mails regularly arrive at the recipient via nodes. In such a case, the last node is always reported as the sender IP address instead of the IP address of the actual e-mail system used to send a message.
Reports in their raw XML form can be difficult to read and interpret. Without a suitable tool that enables you to interpret this data, it is often impossible to extract useful information from the report.
The Kevlarr dashboard
There are several online solutions that make reading and interpreting these technical XML DMARC reports easier.
Besides the fact that you are no longer have to look at a technical file, most tools are able to aggregate e-mail traffic from a certain address to different recipients.
Kevlarr's solution goes one step further on this matter. Using our AI engine that is fed by data from millions of reports per day, we are able to filter out the systems that only forward our customers' emails from the reports. In this way, the user only sees the systems that have sent the e-mails on her behalf.
In practice, it often happens that certain systems act as the source in one scenario, at one customer, but only as an “intermediate step” in the traffic in another scenario. Our AI engine is also capable of identifying such differences.
Our dashboard with accompanying graphs and statistics help the user to discover potential problems in email traffic and thereby be much more efficient in resolving such problems.
De basis : DMARC XML rapporten
Smart filtering through AI
We talk about spoofing and how to prevent it all the time.
If the DMARC implementation is finally done by changing the policy to reject after all e-mail systems of the customer are properly being configured, then the "unjustified" traffic will be stopped.
But until then, it would still be useful if you could see that such “false” spoofing activities are taking place on behalf of your organization. As long as you are not yet protected, you could use this information to warn your relations about such criminal activities. The XML reports sent by the recipients say nothing about this.
However, our AI engine is able to identify such activities based on the enormous amount of data we process.
Overview of all your domains at a glance
Organizations that have more than a few domains can use our smart dashboard to see all their domains at a glance, including the most important points of attention per domain.
This way you can see the e-mail volume in the past period, but also the number of e-mails that require your attention (undelivered or delivered in spam messages). Of course you can also use our smart filtering options here. You can filter out spoof messages, but also messages that do not come directly from one of the source systems but are delivered by an intermediate system.
