Earlier today, I was checking the detail viewer for our main domain name. Last month, DMARC; DKIM and SPF ruls treated more than 2500 emails. Only 13 were considered a threat and rejected,less than 1% of the total.
In the detail viewer at the bottom of the same page, Dmarcian says that I have insufficient alignment. DMARC=88.51%; SPF 85.22%; DKIM 86.72%
I am confused here, if I have less than 1% of rejected emails, why is the DMARC at 88%? Should not only 88% of successful delevered emails?
The forums are not a technical support avenue for the dmarcian product, as troubleshooting is best done with account information, which we don’t recommend sharing on a public forum. I suggest you contact support@dmarcian.com so that our support team may have a productive conversation about your data.
Based on your description, there may be a misunderstanding on how the data is reported. the threat/unknown category is not the only category that shows non compliant email, or impacted email, only that our system has not identified as a known ESP or email sending product.
Compliance gaps can and will be reported in the DMARC Capable tab, as it represents known senders. The compliance gap for a source primarily falls to 2 causes:
Alignment is not met
Authentication fails
Alignment is the need to have DKIM or SPF authenticating the same domain, or a subdomain of the organizational level domain. More on alignment can be read here.
Authentication failures is when the domains are alignment, but failing authentication due to an IP missing from your SPF record, or the public key record for DKIM not being in DNS for instance.
Please reach out to our support, and we will assist you in making sense of your data.
