Content of Threat/Unknown sources

utsav.sejpal · May 7, 2020, 11:26pm

Hi Experts,

We’ve just set up DMARC policies and exploring the features DMARCIAN portal.

While the section “Threat/Unknown sources” within the “Detail Viewer” provides a great source of information, I was wondering if there’s a way to know what sort of content is being circulated using our domains. Even if we can see the subject lines of those emails, we might be in a position to say that someone’s running phishing campaign against us.

Regards,
Utsav

opvind · May 17, 2020, 1:20pm

DMARC Failure reports (ruf=, also known as Forensic reports) may provide some insight into unauthorized mails. Be aware that far from all reporters send failure reports, and many reports contain only (selected) headers from the failing mails.

Topic		Replies	Views
Way to many threat/unknown sources. Need help?	0	365	January 20, 2023
FAQ: DMARC Reports FAQ	0	2046	May 13, 2019
Help - Articles/Guides with advanced analysis	2	624	October 19, 2021
Got Threat/Unknown entries, now what? Technical Help	4	1907	November 13, 2019
Is Dmarcian Forensic reporting actually working? Technical Help	3	638	November 27, 2021

Content of Threat/Unknown sources

Related Topics