When you set up DMARC sender authentication for inbound mail on the Spam > Settings > Sender Authentication page, you can also enable DMARC failure reports. SMG emails a failure report to the domain of the sender whose message failed DMARC validation.
To enable DMARC reporting
In the SMG Control Center, select Spam > Settings > Sender Authentication.
On the Sender Authentication page, enable Domain-based Message Authentication, Reporting, & Conformance (DMARC).
You can also limit the external domains whose messages you want SMG to check, or allow SMG to perform sender authentication for all domains.
In the DMARC Reporting Settings panel, select Enable Failure Reports.
In the Sender Address field, type the email address from which the failure reports appear to be sent. The Sender Address must be a valid address on your email system.
SMG sends failure reports only to domains that supply an email address in their DMARC DNS records. If a failure report can't be delivered to a domain that supplies an address, your Sender Address mailbox receives a bounceback message.
If you want to monitor when failure reports can't be delivered, enter an administrator address as the Sender Address.
If you do not want to monitor these delivery failures, enter the address of an email account that is not monitored.
SMG does not keep copies of the failure reports that it sends.
The DMARC DNS record of the sender's domain must request forensic reports and must supply an email address to receive these failure reports.
Refer to Anatomy of a DMARC resource record in the DNS at https://dmarc.org/overview
For more information about DMARC failure reports, visit https://tools.ietf.org/html/rfc7489#section-7.3