starred/modoboa-modoboa

Fork 0

mirror of https://github.com/modoboa/modoboa.git synced 2026-04-25 00:46:03 +03:00

[GH-ISSUE #3460] DMARC reports for alias domain are not added to domain report #1850

New issue

Open

opened 2026-02-27 11:19:31 +03:00 by kerem · 4 comments

kerem commented

2026-02-27 11:19:31 +03:00

Owner

Originally created by @PatTheMav on GitHub (Feb 14, 2025).
Original GitHub issue: https://github.com/modoboa/modoboa/issues/3460

Impacted versions

OS Type: Debian
OS Version: Bookworm (12)
Database Type: PostgreSQL
Database version: 15.10
Modoboa: 2.2.4
installer used: No
Webserver: Nginx

Steps to reproduce

Have a working domain setup with SPF, DKIM, and DMARC
Have the DMARC transport rule set up to receive and parse DMARC reports
Have an alias domain setup for the primary domain, with SPF, DKIM, and DMARC set up for this domain as well
Wait for DMARC reports to come in for mails purportedly sent from one of the alias domains

Current behavior

The DMARC report for the alias domain is received and parsed by modoboa, the record can be seen in the dmarc_report table in the database, correctly attributed to the alias domain in the policy_domain field.

These reports however don't seem to be taken into account in the DMARC report pages of the web interface - only reports for the actual domain are shown here.

Expected behavior

Reports for the main domain as well as its aliases are both taken into account when showing the DMARC report stats in the web interface.

Originally created by @PatTheMav on GitHub (Feb 14, 2025). Original GitHub issue: https://github.com/modoboa/modoboa/issues/3460 # Impacted versions * OS Type: Debian * OS Version: Bookworm (12) * Database Type: PostgreSQL * Database version: 15.10 * Modoboa: 2.2.4 * installer used: No * Webserver: Nginx # Steps to reproduce * Have a working domain setup with SPF, DKIM, and DMARC * Have the DMARC transport rule set up to receive and parse DMARC reports * Have an alias domain setup for the primary domain, with SPF, DKIM, and DMARC set up for this domain as well * Wait for DMARC reports to come in for mails purportedly sent from one of the _alias_ domains # Current behavior The DMARC report for the alias domain is received and parsed by modoboa, the record can be seen in the `dmarc_report` table in the database, correctly attributed to the alias domain in the `policy_domain` field. These reports however don't seem to be taken into account in the DMARC report pages of the web interface - only reports for the actual domain are shown here. # Expected behavior Reports for the main domain as well as its aliases are both taken into account when showing the DMARC report stats in the web interface.

kerem added the

enhancement

label

2026-02-27 11:19:31 +03:00

kerem commented

2026-02-27 11:19:32 +03:00

Author

Owner

@tonioo commented on GitHub (Jul 15, 2025):

@PatTheMav Do you think adding a select field for domain or its aliases in the report page would be fine?

@tonioo commented on GitHub (Jul 15, 2025): @PatTheMav Do you think adding a select field for domain or its aliases in the report page would be fine?

kerem commented

2026-02-27 11:19:32 +03:00

Author

Owner

@PatTheMav commented on GitHub (Jul 15, 2025):

@PatTheMav Do you think adding a select field for domain or its aliases in the report page would be fine?

I think that should be a good start? It might even work for me if the actual alias domain is shown in the "Detail" pane with the alignment stats combining all reports. Then I'd see at a glance "oh my, there's been 30 reports in the last month for that mail domain" and then see in the details that, say, 15 of those related to an alias alone.

I just checked the database and it seems that most reports are for alias domains, but I had no idea about the severity of it without looking in the DB itself.

@PatTheMav commented on GitHub (Jul 15, 2025): > [@PatTheMav](https://github.com/PatTheMav) Do you think adding a select field for domain or its aliases in the report page would be fine? I think that should be a good start? It might even work for me if the actual alias domain is shown in the "Detail" pane with the alignment stats combining all reports. Then I'd see at a glance "oh my, there's been 30 reports in the last month for that mail domain" and then see in the details that, say, 15 of those related to an alias alone. I just checked the database and it seems that most reports are for alias domains, but I had no idea about the severity of it without looking in the DB itself.

kerem commented

2026-02-27 11:19:32 +03:00

Author

Owner

@tonioo commented on GitHub (Jul 16, 2025):

I don't understand how reports created for domain aliases can be imported successfully into the database, I think they are not complete. If you look at the dmarc_record table, you should not find any entry linked to those reports...
That being said, you're suggesting to display aggregated stats for a domain and its aliases, and then to have a better detail view?
How would you update the detail view?

@tonioo commented on GitHub (Jul 16, 2025): I don't understand how reports created for domain aliases can be imported successfully into the database, I think they are not complete. If you look at the dmarc_record table, you should not find any entry linked to those reports... That being said, you're suggesting to display aggregated stats for a domain and its aliases, and then to have a better detail view? How would you update the detail view?

kerem commented

2026-02-27 11:19:32 +03:00

Author

Owner

@PatTheMav commented on GitHub (Jul 16, 2025):

I don't understand how reports created for domain aliases can be imported successfully into the database, I think they are not complete. If you look at the dmarc_record table, you should not find any entry linked to those reports... That being said, you're suggesting to display aggregated stats for a domain and its aliases, and then to have a better detail view? How would you update the detail view?

Thanks for the tip about dmarc_record, indeed while dmarc_report contains every report received (including the alias domains for which those were received), dmarc_record only contains entries for reports using the configured domains. So I read that as the report being processed and logged, but the contents of the report are discarded if the policy_domain doesn't match an actual domain?

For how to display this information, it seems that right now the details pane seems to show the source_ip, count, and the DKIM and SPF results obviously. For me personally it would be sufficient if an additional column specified the associated domain (so either the main domain or one of its associated aliases).

@PatTheMav commented on GitHub (Jul 16, 2025): > I don't understand how reports created for domain aliases can be imported successfully into the database, I think they are not complete. If you look at the dmarc_record table, you should not find any entry linked to those reports... That being said, you're suggesting to display aggregated stats for a domain and its aliases, and then to have a better detail view? How would you update the detail view? Thanks for the tip about `dmarc_record`, indeed while `dmarc_report` contains every report received (including the alias domains for which those were received), `dmarc_record` only contains entries for reports using the configured domains. So I read that as the report being processed and logged, but the contents of the report are discarded if the `policy_domain` doesn't match an actual domain? For how to display this information, it seems that right now the details pane seems to show the `source_ip`, `count`, and the DKIM and SPF results obviously. For me personally it would be sufficient if an additional column specified the associated domain (so either the main domain or one of its associated aliases).