What Is a DMARC Policy?

A DMARC policy is the p value stated in a domain's DMARC record, and it tells inboxes what to do with a message that fails DMARC. If a received email fails SPF and DKIM authentication, the DMARC policy (p=) published by the sending domain and enforced by the recipient's mail server determines what happens to it. More specifically, that value determines whether the message should be rejected, quarantined, or allowed to pass (during testing).

A DMARC policy value of quarantine or reject helps prevent email spoofing and phishing by requesting that inboxes quarantine or reject a message that does not appear to come from your domain. There are three DMARC policy enforcement classifications:

  • p=none: This policy instructs the receiving mail server to take no action on the message and deliver it (also known as monitor).
  • p=quarantine: This policy directs unauthorized emails to the recipient's Spam/Junk folder.
  • p=reject: This policy rejects/blocks unauthorized emails from reaching the recipient's inbox.

The recipient mail server acts on one of the above options if the domain has published a DMARC record. If the domain has NOT published a DMARC record, the recipient server decides on its own whether the message should be delivered. With phishing, malware threats, and a variety of other security concerns, telling recipient mail servers to quarantine or reject messages that fail DMARC has become the gold standard for sending legitimate email and blocking attacks.
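
The decision described above, sketched in Python as an added example (not code from the original page). It reads only the v and p tags and treats a record with a missing or unrecognized p value as unusable, which is a simplification; the function names, action labels and example.com records are constructed for illustration.

```python
from typing import Optional

# Hypothetical action labels for the three policy values described above.
ACTIONS = {
    "none": "deliver",            # monitor: take no action, deliver
    "quarantine": "spam-folder",  # route to Spam/Junk
    "reject": "reject",           # block the message
}

def parse_dmarc_policy(txt: Optional[str]) -> Optional[str]:
    """Return the p= value of a DMARC TXT record, or None if unusable."""
    if not txt:
        return None
    tags = []
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags.append((name.strip().lower(), value.strip()))
    # The version tag must come first; this sketch requires exactly "DMARC1".
    if not tags or tags[0] != ("v", "DMARC1"):
        return None
    policy = dict(tags[1:]).get("p", "").lower()
    # Assumption: an unknown or missing p value makes the record unusable.
    return policy if policy in ACTIONS else None

def disposition(txt: Optional[str], spf_aligned_pass: bool,
                dkim_aligned_pass: bool) -> str:
    """Decide what a receiver does with one message from the domain."""
    policy = parse_dmarc_policy(txt)
    if policy is None:
        return "local-policy"  # no usable record: receiver decides on its own
    if spf_aligned_pass or dkim_aligned_pass:
        return "deliver"       # DMARC passes when either check passes
    return ACTIONS[policy]     # both failed: apply the published policy

# Constructed sample records (not real DNS data).
SAMPLES = [
    "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "v=DMARC1; p=quarantine",
    "v=DMARC1; p=reject;",
    "p=reject; v=DMARC1",      # malformed: v= is not the first tag
    None,                      # domain publishes no DMARC record
]

if __name__ == "__main__":
    for record in SAMPLES:
        # Every sample message here fails both SPF and DKIM.
        print(repr(record), "->", disposition(record, False, False))
```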
