How Microsoft’s new aggregate DMARC reports enhance visibility of your sending sources

As of March 2023, Microsoft 365 has started sending aggregate DMARC reports from domains that use Microsoft-hosted MX records. This long-awaited release fixes a blindspot with inbound mail to an M365 tenant that existed; previously, where Microsoft didn’t report on DMARC results, you would miss crucial insight (and legitimate senders) that could then be blocked from sending emails once p=reject was enabled.

Now, with Microsoft’s aggregate reports, you gain visibility into:

  • Which emails sent from your domain to your M365 tenant are currently passing or failing DMARC
  • Who the senders and receivers of emails from your domain are
  • Where in the world emails are being sent from using your domain

With this insight, you gain a deeper understanding of your sending sources and their email configuration, enabling you to pinpoint and solve issues within your organization quickly before progressing to a policy of full DMARC enforcement (p=reject).

What new fields has Microsoft introduced in their reports?

Microsoft has added three new insights to the DMARC XML reports:

  • Envelope To – allowing you to track the receiving domain
  • Envelope From – allowing you to track sending domain used in the return-path
  • SPF scope – allowing you to determine if Microsoft based their SPF result on the MailFrom or the HELO command

These fields provide additional information about an organization’s email traffic so that they can better understand where shadow IT or email forwarding is occurring. This data was previously only available with OnDMARC’s unique enhanced forensic data feeds.

How is OnDMARC surfacing these new fields and why is it useful?

Thanks to quick work by our Engineering team, OnDMARC is one of the first DMARC vendors to have processed and surfaced Microsoft’s new fields in its dashboards, ensuring that our users have this new detailed data about their email domains at their fingertips. 

Domain owners need a solution like OnDMARC to process and analyze DMARC aggregate reports as Microsoft (and other reporting providers) only provide raw XMLs.

Extract of a raw XML DMARC file

OnDMARC ingests the raw XML reports and contextualizes the relevant and granular information about your sending sources in an intuitive dashboard. This visibility provides you with additional insights into your email setup so that you can make informed and more accurate configuration decisions in less time, thus decreasing the time needed to complete a DMARC implementation project.

New Microsoft DMARC fields surfaced in OnDMARC’s dashboards

How OnDMARC adds proactive defense to Microsoft 365

By using the OnDMARC platform, Microsoft 365 customers can enhance their email setup and protect against a wide range of outbound and inbound email-based threats. With our solution, customers have full visibility of their sending sources, both inbound and outbound, and can expect to reach DMARC enforcement and block malicious spoofing emails from getting to their employees, customers, and partners in as little as 4-8 weeks.

OnDMARC seamlessly plugs into the Microsoft environment and works in harmony with Microsoft Defender for Office 365 to provide a robust layered defense against advanced email threats. The Microsoft Intelligent Security Association (MISA) recognizes and lists OnDMARC as an approved integration and preferred solution in the Azure Marketplace, acknowledging it as fully complementary to Microsoft’s own email security solutions.

“At Microsoft, we look to build enduring, ongoing relationships with partners like Red Sift protecting e-mail and other hybrid work essentials. With increasingly sophisticated cyber criminals targeting email communications, the Red Sift platform helps Microsoft 365 customers to enhance the security of their systems.”

Parri Munsell, Senior Director, Microsoft Security Marketing

Ready to secure your organization’s email inboxes against phishing?

PUBLISHED BY

Francesca Runger-Field

21 Apr. 2023

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
Certificates

A confident deployment guide for TLS and PKI

Ivan Ristic

Our journey to better network transport security has been quite the ride, filled with ups and downs. Back in the ’90s, when SSL and the Netscape browser were just taking off, things were pretty hard. We were dealing with weak encryption, export restrictions on cryptography, and computers that couldn’t keep up. But over the…

Read more
DMARC

Red Sift OnDMARC: The best Agari alternative for DMARC

Francesca Runger-Field

Looking for an alternative to Agari DMARC Protection that helps you safely and efficiently stop unauthorized use of your email-sending domains? You’re in the right place.  Here is your definitive comparison guide for Agari and Red Sift OnDMARC – one of the most popular Agari alternatives on the market.  Red Sift OnDMARC overview Red…

Read more
DMARC

Red Sift OnDMARC: The best Valimail alternative for DMARC

Francesca Runger-Field

Looking for an alternative to Valimail that helps you safely and efficiently stop unauthorized use of your email-sending domains? You’re in the right place.  Here is your definitive comparison guide for Valimail and Red Sift OnDMARC – one of the most popular Valimai alternatives on the market.  Red Sift OnDMARC overview Red Sift OnDMARC…

Read more
News

Announcing the beta for Red Sift Radar: An LLM Assistant for Security…

Rahul Powar

We are delighted to announce the beta for Red Sift Radar – our new LLM assistant for security teams. With Red Sift Radar, teams will be able to use an LLM to automate manual checks, drive security consistency, and build bridges with less technical teams. To bring this to life, we have taken base…

Read more