How Microsoft’s new aggregate DMARC reports enhance visibility of your sending sources

As of March 2023, Microsoft 365 has started sending aggregate DMARC reports from domains that use Microsoft-hosted MX records. This long-awaited release fixes a blindspot with inbound mail to an M365 tenant that existed; previously, where Microsoft didn’t report on DMARC results, you would miss crucial insight (and legitimate senders) that could then be blocked from sending emails once p=reject was enabled.

Now, with Microsoft’s aggregate reports, you gain visibility into:

  • Which emails sent from your domain to your M365 tenant are currently passing or failing DMARC
  • Who the senders and receivers of emails from your domain are
  • Where in the world emails are being sent from using your domain

With this insight, you gain a deeper understanding of your sending sources and their email configuration, enabling you to pinpoint and solve issues within your organization quickly before progressing to a policy of full DMARC enforcement (p=reject).

What new fields has Microsoft introduced in their reports?

Microsoft has added three new insights to the DMARC XML reports:

  • Envelope To – allowing you to track the receiving domain
  • Envelope From – allowing you to track sending domain used in the return-path
  • SPF scope – allowing you to determine if Microsoft based their SPF result on the MailFrom or the HELO command

These fields provide additional information about an organization’s email traffic so that they can better understand where shadow IT or email forwarding is occurring. This data was previously only available with OnDMARC’s unique enhanced forensic data feeds.

How is OnDMARC surfacing these new fields and why is it useful?

Thanks to quick work by our Engineering team, OnDMARC is one of the first DMARC vendors to have processed and surfaced Microsoft’s new fields in its dashboards, ensuring that our users have this new detailed data about their email domains at their fingertips. 

Domain owners need a solution like OnDMARC to process and analyze DMARC aggregate reports as Microsoft (and other reporting providers) only provide raw XMLs.

Extract of a raw XML DMARC file

OnDMARC ingests the raw XML reports and contextualizes the relevant and granular information about your sending sources in an intuitive dashboard. This visibility provides you with additional insights into your email setup so that you can make informed and more accurate configuration decisions in less time, thus decreasing the time needed to complete a DMARC implementation project.

New Microsoft DMARC fields surfaced in OnDMARC’s dashboards

How OnDMARC adds proactive defense to Microsoft 365

By using the OnDMARC platform, Microsoft 365 customers can enhance their email setup and protect against a wide range of outbound and inbound email-based threats. With our solution, customers have full visibility of their sending sources, both inbound and outbound, and can expect to reach DMARC enforcement and block malicious spoofing emails from getting to their employees, customers, and partners in as little as 4-8 weeks.

OnDMARC seamlessly plugs into the Microsoft environment and works in harmony with Microsoft Defender for Office 365 to provide a robust layered defense against advanced email threats. The Microsoft Intelligent Security Association (MISA) recognizes and lists OnDMARC as an approved integration and preferred solution in the Azure Marketplace, acknowledging it as fully complementary to Microsoft’s own email security solutions.

“At Microsoft, we look to build enduring, ongoing relationships with partners like Red Sift protecting e-mail and other hybrid work essentials. With increasingly sophisticated cyber criminals targeting email communications, the Red Sift platform helps Microsoft 365 customers to enhance the security of their systems.”

Parri Munsell, Senior Director, Microsoft Security Marketing

Ready to secure your organization’s email inboxes against phishing?

PUBLISHED BY

Francesca Rünger-Field

21 Apr. 2023

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Introducing DNS Guardian: Stop impersonation and spam caused by domain takeovers 

Rahul Powar

tl;dr: We’re thrilled to announce DNS Guardian — a new feature in Red Sift OnDMARC that can swiftly identify and stop domain takeovers that lead to malicious mail. Back in February, we shared updates with the community about SubdoMailing – an attack discovered by Guardio Labs. The attack was a form of subdomain takeover,…

Read more
News

Meet Red Sift Radar: The Skilled Up LLM That Finds and Fixes…

Rahul Powar

After months of beta testing and feedback, we are excited to announce that Red Sift Radar, our skilled up LLM offering seamless integration with Red Sift OnDMARC, is now commercially available.  With Red Sift Radar, security teams can detect exposures, prevent configuration drift, and classify assets or suspicious activity without adding additional headcount. By…

Read more
News

G2 Fall 2024 Report: Red Sift OnDMARC Wins Big

Francesca Rünger-Field

We’re delighted to share that Red Sift OnDMARC’s winning streak continues. This Fall, we’ve once again been named a Leader in G2’s DMARC category, achieving recognition in both the overall Leader category and Europe for the first time. This recognition is based on our high Customer Satisfaction scores and strong market presence. Red Sift…

Read more
Cybersecurity

Resilience Rising | Episode 3 with Kevin White

Red Sift

In this episode of Resilience Rising, Sean Costigan, Managing Director of Resilience Strategy at Red Sift, and Kevin White, Senior Operation Consultant with Enhanced Information Solutions, explore the critical intersection of wastewater management and cybersecurity.  The two highlight the health and operational impacts of cyber threats on water utilities, emphasizing the vulnerabilities due to…

Read more
Certificates

Your guide to PCI DSS 4.0 Cryptographic Requirements

Rebecca Warren

The Payment Card Industry Data Security Standard (PCI DSS) is a globally recognized framework designed to protect cardholder data during processing, storage, and transmission by merchants and service providers. PCI DSS outlines a set of stringent security controls that organizations handling payment card information must implement to mitigate the risk of data breaches and…

Read more