This article describes how to configure FortiMail to generate a DMARC aggregate report.
Scope
FortiMail v7.0.1 onwards.
Solution
FortiMail will generate the DMARC aggregate reports and deliver them to the RUA address from the DMARC DNS record of the sender domain.
The reports will be generated based on the configured settings every day at approximately 02:10 AM system time.
This can be configured under ‘system-wide’ or ‘domain-specific’ to generate DMARC aggregate reports.
System-Wide setting:
config antispam dmarc-report set status enable end
Show full-configuration antispam dmarc-report:
config antispam dmarc-report set status enable set max-num-of-to-domain 100 set to-domain * set from-addr-localpart noreply end
Refer to the below document for a Description of the Variables:
antispam dmarc-report
Domain-Specific setting: The dmarc-report-status can also be configured for each domain as required.
config domain
edit <domain_name>
config domain-setting
set dmarc-report-status {enable | disable | monitor-only | use-system-setting}
next
end
If dmarc-report-status is set to ‘enable’ under the domain, dmarc-report-to-domain and dmarc-report-from-addr-localpart for the domain can also be configured.
If dmarc-report-status is set to use-system-setting, the system-wide setting will be used instead of the domain-specific setting.
7.4.2 Domain
Sample Logs:
On the test environment, there was 1 mail from ‘fortinet.com’ between 02:00 2024-07-18 and 02:00 2024-07-19.
This mail failed the DMARC check.
The DMARC record for the domain ‘fortinet.com’ is as below:
v=DMARC1; p=quarantine; rua=mailto:[email protected]; ruf=mailto:[email protected]; sp=none; fo=1
The aggregate report was sent to the RUA address [email protected] on 02:10 2024-07-19, this can be viewed under ‘Mail Event’ Logs.
