📄️ Overview
Stalwart MTA supports both the generation and analysis of a variety of email-related reports to aid in message delivery transparency, authentication monitoring, and transport security compliance. These reports provide valuable insight into the health and trustworthiness of your mail infrastructure, and can be used both operationally and for long-term policy evaluation.
📄️ Delivery Notifications
Delivery Status Notifications (DSN) allows senders of an email message to be notified of its delivery status. It works by sending a message back to the sender, notifying them of the delivery status of the email message they sent. The delivery status information includes whether the message was delivered successfully, whether it was delivered to the recipient's mailbox or to a different location, whether it was delayed, or whether there was a permanent delivery failure.
📄️ DKIM
DKIM authentication failure reporting is a mechanism that allows domain owners to receive notifications when email messages sent from their domain fail DKIM authentication checks at recipient mail servers. The reporting mechanism uses an email-based report format, which is sent to a designated address within the domain. This information can be used to identify misconfigurations or malicious activity that may negatively impact the domain's email reputation. The reports typically include information such as the message's sender, recipient, and the specific DKIM verification result (e.g., "failed" or "permanently failed"). By analyzing the reports, domain owners can detect issues with their DKIM implementation and take action to resolve them, improving their email deliverability and protecting their domain's reputation.
📄️ SPF
SPF authentication failure reporting refers to the process of generating reports that inform the sending mail server about the outcome of its SPF (Sender Policy Framework) authentication check. This check is done by the recipient server to verify that the incoming email message is authorized by the domain specified in the message's envelope (i.e., the "MAIL FROM" identity). The SPF authentication failure report is typically sent back to the sending mail server when the SPF check fails, indicating that the message was not authorized to be sent from the domain specified in the MAIL FROM identity. The report includes information about the reason for the SPF authentication failure, such as the SPF record in the sending domain, the IP address of the sending server, and the header details of the message. These reports help the sending server to identify and address any issues with their SPF records, ensuring that their messages are properly authorized and reducing the likelihood of them being marked as spam or rejected by recipient servers.
📄️ DMARC
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol that provides a mechanism for email receivers to determine if incoming messages are legitimate and were sent from authorized sources. It allows a sender's domain to publish a policy that specifies how email receivers should handle messages that fail SPF and/or DKIM authentication checks. The DMARC policy is stored in a specially-formatted TXT record in the domain's DNS records, and email receivers can use this information to decide whether to accept, reject, or flag an incoming message based on the results of SPF and DKIM checks. DMARC also provides a reporting mechanism that enables the sender to receive feedback on how their messages are being handled by email receivers. This feedback can be used to improve the accuracy and effectiveness of SPF and DKIM configurations, as well as monitor for potential abuse of the sender's domain.
📄️ TLS
TLS Reporting is a mechanism for reporting on the certificate validation outcomes performed by a mail transfer agent (MTA), such as Stalwart. It allows the recipient of an email to receive reports on the validity of the certificate used to secure the transport of the email, including information such as whether the certificate was valid, expired, or revoked. The goal of TLS Reporting is to provide a way to detect and address security issues with the certificates used to secure email communication, to ensure that email communication is secure and trustworthy. The reports can also be used to identify and correct misconfigurations of the sending MTA, and to improve the overall security of email communication.
📄️ Analysis
Stalwart has the ability to automatically analyze incoming DMARC, DKIM, SPF, and TLS reports that are sent by other domains, which eliminates the need for manual intervention and saves time and effort for the system administrator. In case any TLS or message authentication issues are found, an event is recorded in the log file or sent to OpenTelemetry. By turning reports into actionable events, system administrators can quickly detect and respond to configuration errors and any instances of abuse, such as spam or phishing, which helps to maintain the integrity of the email system.