DMARC Aggregate Reports: DMARC aggregate reports are obtained with details on the source and authenticity of emails issued on behalf of a domain that reveals information on the following points:
DMARC Aggregate reports are timely sent in an XML file format and do not include any details on the emails themselves. You may analyze the content from aggregate reports to recognize all valid email sources, as well as the sender’s capabilities for sending out emails and authorizing them suitably.
DMARC Forensic Reports: Forensic reports are received every time an email from your domain fails both SPF & DKIM authentications. A forensic report is used to conduct a thorough investigation of emails spoofing your domain since it contains message-level data, including:
Data collected in forensic reports reveal trouble associated with a particular source, mailstream, or transmitting IP.
In summation, aggregate reports assist in identifying and authorization of authentic emails, whereas forensic reports aid in the analysis of falsified emails and the identification of attack traits.