|
Description |
This article describes how to configure FortiMail to generate a DMARC aggregate report. |
|
Scope |
FortiMail v7.0.1 onwards. |
|
Solution |
FortiMail will generate the DMARC aggregate reports and deliver them to the RUA address from the DMARC DNS record of the sender domain. The reports will be generated based on the configured settings every day at approximately 02:10 AM system time.
This can be configured under 'system-wide' or 'domain-specific' to generate DMARC aggregate reports.
System-Wide setting:
config antispam dmarc-report set status enable end
Show full-configuration antispam dmarc-report:
config antispam dmarc-report set status enable set max-num-of-to-domain 100 set to-domain * set from-addr-localpart noreply end
Refer to the below document for a Description of the Variables:
Domain-Specific setting: The dmarc-report-status can also be configured for each domain as required.
config domain edit <domain_name> config domain-setting set dmarc-report-status {enable | disable | monitor-only | use-system-setting} next end
If dmarc-report-status is set to 'enable' under the domain, dmarc-report-to-domain and dmarc-report-from-addr-localpart for the domain can also be configured. If dmarc-report-status is set to use-system-setting, the system-wide setting will be used instead of the domain-specific setting.
Sample logs:
On the test environment, there was 1 mail from 'fortinet.com' between 02:00 2024-07-18 and 02:00 2024-07-19. This mail failed the DMARC check.
The DMARC record for the domain 'fortinet.com' is as below:
v=DMARC1; p=quarantine; rua=mailto:dmarc-rua@fortinet.com; ruf=mailto:dmarc-ruf@fortinet.com; sp=none; fo=1
The aggregate report was sent to the RUA address dmarc-rua@fortinet.com on 02:10 2024-07-19, this can be viewed under 'Mail Event' Logs.
Note: From v7.6 onwards, it is possible to manually send a DMARC report from the GUI under System -> Utility -> DMARC at any time without waiting for 2:10am.
|
