TLSRPT - reporting domain occasionally missing

[RealSebFox]

Hello,

In TLSRPT reports, the reporting organisation is sometimes missing. I was able to find an original report with the folowing contents:

Subject: Report Domain: redacted.example.com Submitter: mx.egressif.io Report-ID: <1730332800_11732957880687192466> File name: mx.egressif.io!redacted.example.com!1730332800!1730419200.json.gz File content:

{"organization-name":"mx.egressif.io","date-range":{"start-datetime":"2024-10-31T00:00:00Z","end-datetime":"2024-11-01T00:00:00Z"},"contact-info":null,"report-id":"1730332800_11732957880687192466","policies":[{"policy":{"policy-type":"no-policy-found","policy-string":[],"policy-domain":"redacted.example.com","mx-host":[]},"summary":{"total-successful-session-count":1,"total-failure-session-count":0},"failure-details":[]}]}

All my domains are MTA-STS and DANE compliant. Only one single report for a single message with "no policy found" was received in the past 2 days. Searching for "no policy found" on the TLSRPT monitor in the past 2 days prints the following result:

Why is the reporting organisation missing from the dashboard?

Thank you!

Kind Regards,

Sebastiaan

[seanthegeek]

Which dashboard are you using? I'm wondering if it is a flaw in how the report is being parsed and recorded, or the dashboard widget query.

[RealSebFox]

Hi Sean,

I'm using the Kibana dashboard from here: https://raw.githubusercontent.com/domainaware/parsedmarc/master/kibana/export.ndjson. The last update to that file was the new TLSRPT dashboard. I tried playing with the visualisations in Kibana and I have the impression it's in the data.

I've attached my modified dashboard for reference. Perhaps you like the modifications and additions. It's a bit experimental, though.

export_modified.zip

Kind Regards,

Sebastiaan