Search

MC516348 – (Updated) DMARC aggregate reports for enterprise (archived)

Microsoft Exchange Logo

check before: 2023-03-02

Product:

Defender, Defender for Office 365, Exchange, Microsoft 365 Defender

Platform:

Online, US Instances, World tenant

Status:

Launched

Change type:

Admin impact, Feature update, Updated message

Links:

109535

Details:

Updated March 21, 2023: We have updated the content below with additional details. Thank you for your patience.
As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535
[When this will happen:]

Standard Release: We will begin rolling out mid-March (previously mid-February) and expect to complete by late March.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability

Created:
2023-02-16

updated:
2023-03-22

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2023-03-22MC MessagesUpdated March 16, 2023: We have updated the rollout timeline below. Thank you for your patience.
As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535
[When this will happen:]

Standard Release: We will begin rolling out mid-March (previously mid-February) and expect to complete by late March.
Updated March 21, 2023: We have updated the content below with additional details. Thank you for your patience.
As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535
[When this will happen:]

Standard Release: We will begin rolling out mid-March (previously mid-February) and expect to complete by late March.
2023-03-22MC Last Updated03/17/2023 04:30:162023-03-21T19:48:41Z
2023-03-22MC prepareOffice 365 will send out DMARC aggregate reports to all sender domain owners that has a valid RUA address defined in their DMARC record, independent of their platform/configuration. The only exception is if the MX record for the recipient domain does not directly points to O365. In this case O365 will not send DMARC reports to the sender domain owner RUA address.
For example, you have mailboxes with the recipient domain contoso.com, which domain has it's MX record pointed directly to Office 365. (contoso-com.mail.protection.outlook.com). In this scenario Office 365 will automatically send DMARC aggregate reports to all email sender domain owners which has a valid RUA address defined in their domain DMARC record.
If contoso.com MX record pointed to a different email security solution in front of Office 365, Office 365 will not send DMARC aggregate reports to any sender domains RUA address configured in their DMARC record as the information we see about the sending infrastructure is likely to have been affected by the complex mail flow routing.
You can learn more about DMARC here
https://learn.microsoft.com/microsoft-365/security/office-365-security/email-authentication-dmarc-configure?view=o365-worldwide
https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=109535
Office 365 will send out DMARC aggregate reports to all sender domain owners that has a valid RUA address defined in their DMARC record, independent of their platform/configuration. The only exception is if the MX record for the recipient domain does not directly points to Office 365. In this case Office 365 will not send DMARC reports to the sender domain owner RUA address.
For example, you have mailboxes with the recipient domain contoso.com, which domain has it's MX record pointed directly to Office 365. (contoso-com.mail.protection.outlook.com). In this scenario Office 365 will automatically send DMARC aggregate reports to all email sender domain owners which has a valid RUA address defined in their domain DMARC record.
If contoso.com MX record pointed to a different email security solution in front of Office 365, Office 365 will not send DMARC aggregate reports to any sender domains RUA address configured in their DMARC record as the information we see about the sending infrastructure is likely to have been affected by the complex mail flow routing.
You can learn more about DMARC here
https://learn.microsoft.com/microsoft-365/security/office-365-security/email-authentication-dmarc-configure?view=o365-worldwide
https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=109535
2023-03-17MC MessagesUpdated March 14, 2023: We have updated the content with additional information. Thank you for your patience.
As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535
[When this will happen:]

Standard Release: We will begin rolling out mid-February and expect to complete by late March.
Updated March 16, 2023: We have updated the rollout timeline below. Thank you for your patience.
As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535
[When this will happen:]

Standard Release: We will begin rolling out mid-March (previously mid-February) and expect to complete by late March.
2023-03-17MC Last Updated03/14/2023 20:15:262023-03-17T04:30:16Z
2023-03-15MC MessagesAs part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535
[When this will happen:]

Standard Release: We will begin rolling out mid-February and expect to complete by late March.
Updated March 14, 2023: We have updated the content with additional information. Thank you for your patience.
As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535
[When this will happen:]

Standard Release: We will begin rolling out mid-February and expect to complete by late March.
2023-03-15MC TitleDMARC aggregate reports for enterprise(Updated) DMARC aggregate reports for enterprise
2023-03-15MC Last Updated02/16/2023 01:39:442023-03-14T20:15:26Z
2023-03-15MC MessageTagNamesFeature update, Admin impactUpdated message, Feature update, Admin impact
2023-03-15MC prepareDMARC reports are only sent to domains whose MX is pointed to O365. In order to obtain DMARC aggregate reports for your domain, it must have a valid DMARC record that includes a valid RUA email address.

You can learn more about DMARC here
https://learn.microsoft.com/microsoft-365/security/office-365-security/email-authentication-dmarc-configure?view=o365-worldwide
https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=109535
Office 365 will send out DMARC aggregate reports to all sender domain owners that has a valid RUA address defined in their DMARC record, independent of their platform/configuration. The only exception is if the MX record for the recipient domain does not directly points to O365. In this case O365 will not send DMARC reports to the sender domain owner RUA address.
For example, you have mailboxes with the recipient domain contoso.com, which domain has it's MX record pointed directly to Office 365. (contoso-com.mail.protection.outlook.com). In this scenario Office 365 will automatically send DMARC aggregate reports to all email sender domain owners which has a valid RUA address defined in their domain DMARC record.
If contoso.com MX record pointed to a different email security solution in front of Office 365, Office 365 will not send DMARC aggregate reports to any sender domains RUA address configured in their DMARC record as the information we see about the sending infrastructure is likely to have been affected by the complex mail flow routing.
You can learn more about DMARC here
https://learn.microsoft.com/microsoft-365/security/office-365-security/email-authentication-dmarc-configure?view=o365-worldwide
https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=109535

*starting April 2022

Last updated 11 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!