The DMARC point of contact for aggregate reports SHALL include reports@dmarc.cyber.dhs.gov.

Why This Matters

Configuring a valid DMARC aggregate report address is critical for monitoring email authentication failures and detecting spoofing attempts. Without this point of contact set to reports@dmarc.cyber.dhs.gov, your organization misses automated visibility into potential phishing or impersonation attacks targeting your domain. This reduces your ability to audit email traffic and respond to threats effectively.

What Aether365 Checks

Aether365 verifies that the DMARC record for your domain includes the required aggregate report URI pointing to reports@dmarc.cyber.dhs.gov. This check appears in your Aether365 dashboard under microsoft-365 checks as a medium severity finding if the configuration is missing or incorrect.