Aggregate report from Microsoft

Hi All,
I am noticing that since July 10th I am no longer receiving DMARC reports from Microsoft Corporation (protection.outlook.com).
This happens on 2 of my domains, while on another domain I still receive them regularly.
It seems like my problem at this point, but I don’t know where to look anymore.

  • I receive RUA and RUF on a single email address (I have not separated them) and on the domain where I still receive Microsoft I have different RUA and RUF addresses. Could this be it?

For all domains I have hard fail SPF and DMARC none or quarantine policy.

For one of domain I receive them and for other 2 domains I do not receive them.
Same mail server (Google Workspace) and same method to receive RUA/RUF (Google Groups on its own domain).

Has this ever happened to you?

No, but I have only ever used the address assigned by DMARC reporting tools. Sending DMARC reports to a Google Group or an individual’s mailbox doesn’t seem like an efficient way to handle XML reports. Does your current approach meet a specific need that wouldn’t be better served by a reporting service?

Sure, I use Google Groups and I forward to an Inbox where I can parse all the email with IMAP and DMARC parser tool.
I think Microsoft doesn’t send officially RUA and someone say also that Microsoft it’s not conform to RFC standard because there are some misconfiguration on email with report.

We do see Microsoft reports still being sent to our global RUAs. As a reminder, these reports are sent for their free webmail domain, such as outlook, msn, hotmail, and live. Their enterprise solutions such as exchange online (365) does not send XML reports still.

1 Like

Hi Asher,

Is this still true as of now?
It’s hard to believe MS365 is still not sending the report.
They are seemingly not adapting DMARC standard.
If you know, please share it.
Thanks in advance!

It is still the case.

However, there has been a beta regarding a new feature which is supposedly going to be reaching GA this month.

Soon we can expect MS365 to send DMARC AG report for emails it receives. This is great news for the email ecosystem. We at dmarcian will be sure to post our findings as soon as we are able to.

1 Like

Thanks for your kind reply. DMARC reports from MS365 is something we’ve waited for long time. It will have a big positive impact on the spread of DMARC implimentations among corporate users.

Microsoft has started sending DMARC AG reports which I think is great! I am trying to wrap my head around the caveats of how Microsoft implemented everything. They are not sending AG reports if the tenant is not using Microsoft MX records (this affects anyone that has a 3rd party spam/security filtering solution). We are a MSP and using our domain as an example, 80%+ of our messages go to current clients that have a 3rd party security solution in place, so effectively we will never get reporting for most of the messages/recipient servers we care about.

The first hurdle was to get Microsoft to send messages, and I feel like now it is to get full adoption. Is there any insight on how this may unfold in the future? Whether or not it actually happens, is this something that Microsoft should change their stance on, or should the 3rd party solutions start sending reports on the messages they receive, etc?

The edge MX is the only system that can send the DMARC report. The Microsoft Exchange Online sever is an internal sever at that point and should not send any DMARC reports. I don’t know if other hosted email security providers do, but Proofpoint sends DMARC reports.