RFC 9990 aggregate feedback
DMARC report analyzer
Read one or many aggregate XML reports, combine duplicate-safe message counts, and separate aligned mail from failures. Current RFC 9990 fields and legacy reports are handled without uploading the files.
REPORT INPUT
Aggregate XML
OBSERVED TRAFFIC
Aggregate summary
The analyzer weights every result by its message count and keeps raw report content on this device.
- Reporting period
- Report schema
- Policy domains
- Receivers
- Aggregate rows
- Aligned by DKIM / SPF
- /
Observed policies
Weighted source view
Sending sources and alignment
| Source IP | Header From | Messages | DMARC aligned | DKIM aligned | SPF aligned | Disposition |
|---|
No sources match this view.
Current and legacy reports
RFC 9990 made aggregate feedback independently extensible
RFC 9990 adds a version, generator metadata, policy discovery method, np, testing state, extensions, and a required DKIM selector.
Both standard filename forms are parsed locally. Expanded XML, file count, combined input, and record count are bounded against resource exhaustion.
Reports can be incomplete or forged. A source is not declared legitimate or malicious solely from aggregate XML.
Primary references: RFC 9990 aggregate reporting, RFC 9989 DMARC, and RFC 9991 failure reporting.