Issue:
In some cases, Administrators (theadmin.com) need to receive DMARC reports for their clients (clients.com). Therefore, all of their client’s DMARC records are set to send forensic and aggregate report to an email address(es) that is external to the clients domain. This causes that the DMARC report shows an error similar to this:
DMARC syntax issue for clients.com: theadmin.com does not indicate that it accepts DMARC reports about clients.com - Authorization record not found: clients.com._report._dmarc.theadmin.com IN TXT "v=DMARC1 |
Clients.com DMARC record is :
"v=DMARC1; p=quarantine; pct=100; ri=300; rua=mailto:[email protected]; ruf=mailto:[email protected] "
Solution:
To fix this Administrator(s) can perform One of the two solutions provided below:
1- The administrator need to change the rua and ruf email addresses of the client's DMARC record so that the reports can be sent to an email address that belong to the same domain the DMARC record is configured (clients.com) for i.e.: rua=mailto: [email protected]; ruf=mailto:[email protected]
2 - if the first solution can't be considered then follow the instructions below:
In this document we used TWO domains:
Theadmin.com: this is a domain that belongs to the Administrator(s) who manages his clients
Clients.com: this is a domain that belongs to the client that the Administrator is managing
To fix this error, the Administrator need to add an extra TXT record to his DNS records for his domain theadmin.com
TYPE | HOST | VALUE |
TXT | clients.com._report._dmarc | v=DMARC1 |