What is a DMARC forensic report (RUF)?

A forensic report is a near real time message level failure notification often formatted using the Authentication Failure Reporting Format defined in RFC 6591. It includes metadata about the failed message such as redacted headers which help diagnose active abuse.

It is a storm warning that tells you an attacker is attempting to impersonate your domain.