Overview
Stalwart MTA supports both the generation and analysis of a variety of email-related reports, aiding message-delivery transparency, authentication monitoring, and transport-security compliance. These reports provide insight into the health and trustworthiness of the mail infrastructure and can be used both operationally and for long-term policy evaluation.
Delivery Notifications
Delivery Status Notifications (DSNs) inform senders about the status of their messages. A DSN is generated by the MTA and delivered to the original sender, communicating whether the message was delivered successfully, delayed, or permanently failed.
DKIM
DKIM authentication-failure reporting lets domain owners receive notifications when messages sent from their domain fail DKIM authentication at recipient mail servers. Reports use an email-based format sent to a designated address within the domain and typically include the sender, recipient, and specific DKIM verification result. Analysing these reports helps domain owners detect issues with their DKIM implementation and protect their domain reputation.
SPF
SPF authentication-failure reporting generates reports for sending mail servers when SPF checks fail at the receiver. The receiver verifies that an incoming message is authorised by the domain specified in the envelope (the MAIL FROM identity). When the check fails, a failure report is sent back to the sender, including the SPF record, the IP address of the sending server, and relevant header details. These reports help sending operators identify and correct issues with their SPF records.
DMARC
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email-authentication protocol that provides a mechanism for receivers to determine whether incoming messages are legitimate and were sent from authorised sources. A sending domain publishes a DMARC policy as a DNS TXT record, specifying how receivers should handle messages that fail SPF or DKIM authentication. DMARC also defines a reporting mechanism that lets the sender receive feedback on how their messages are being handled, which can be used to tune SPF and DKIM configurations and monitor for abuse of the domain.
TLS
TLS reporting is the mechanism by which an MTA publishes outcomes of certificate validation during outbound message delivery. Recipients of TLS reports learn whether certificates were valid, expired, or revoked, which helps identify security issues and misconfigurations in the sending MTA.
Analysis
Stalwart automatically analyses incoming DMARC, DKIM, SPF, and TLS reports sent by other domains, removing the need for manual intervention and saving time for administrators. If TLS or message-authentication issues are detected, an event is recorded in the log file or sent to OpenTelemetry. Turning reports into actionable events allows administrators to detect and respond to configuration errors and abuse (such as spam or phishing), helping maintain the integrity of the email system.