Skip to main content
All CollectionsValimail SuiteEnforce
Understanding the Subdomains Report
Understanding the Subdomains Report

This report provides data on subdomains with distinct DMARC configurations, detailing their email authentication and delivery performance, as well as any suspicious activity detected.

Updated over 4 months ago
This report is available for Premium and Enterprise Enforce packages and is included only upon request.

To access the Subdomains Report, navigate to Reports -> Subdomains. Within the report, you can filter by subdomain name, senders, and date ranges. The senders list will display all services that have sent mail for the selected subdomain. Date range options include the previous day, the last 7 days, the last month, or up to the last 6 months. If no specific subdomain is selected before running the report, it will display data for all subdomains.

The report will provide details on total email volume, suspicious email volume, DMARC pass rate, SPF pass rate, DKIM pass rate, percentages of quarantined and rejected emails, and emails allowed through with or without DMARC enforcement or policy override. It will also include links to redirect you to the authentication report page.

Users can download the report as a CSV file.

Below is an example of the Subdomains Report page:

  • Total Email: The total number of emails sent by the recognized sender on your behalf within the specified timeframe.

  • Suspicious Email: The number of emails flagged as suspicious due to failures in email authentication.

  • DMARC Pass Rate: The percentage of emails from the sender that successfully passed DMARC authentication within the given timeframe.

  • SPF Pass Rate: The percentage of emails from the sender that passed DMARC authentication through SPF alignment during the specified timeframe.

  • DKIM Pass Rate: The percentage of emails from the sender that passed DMARC authentication through DKIM alignment within the given timeframe.

  • Allowed Through - No Enforcement: The number of emails sent by the sender from domains you own that are not under DMARC enforcement. These emails bypass DMARC checks and are delivered to inboxes, which may pose a risk for exact-domain impersonation attacks. This number should ideally be zero once DMARC enforcement is fully applied.

  • Allowed Through - Policy Override: The number of emails that failed DMARC authentication but were permitted due to a policy override. This occurs when the receiver chooses to disregard the DMARC policy, such as when forwarding emails that are recognized as non-malicious despite authentication failures.

  • Allowed Through - With Enforcement: The number of emails that passed DMARC authentication, were successfully delivered, and were sent from domains that are under DMARC enforcement.

  • Quarantined: The number of emails from domains under enforcement that were marked as spam by the recipient’s email provider due to failing DMARC authentication.

  • Rejected: The number of emails from domains under enforcement that failed DMARC authentication and were rejected before reaching the recipient's inbox.

This Subdomains Report includes only subdomains that have recorded traffic; those without traffic are not included in the list.
Did this answer your question?