A strong DMARC (Domain-based Message Authentication, Reporting, and Conformance) policy is crucial for safeguarding your domain against email-based threats like phishing and spoofing
Syntax: v=DMARC1; p=reject; sp=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]; adkim=s; aspf=s; pct=100;
v=DMARC1: Specifies the version of DMARC.
p=reject: Applies a reject policy to emails that fail DMARC checks.
sp=reject: Applies a reject policy to subdomains.
rua=mailto:[email protected]: Sends aggregate reports to the specified email address.
ruf=mailto:[email protected]: Sends forensic reports to the specified email address.
adkim=s: Uses strict alignment for DKIM.
aspf=s: Uses strict alignment for SPF.
pct=100: Applies the policy to 100% of emails.
Here is what your dmaarc policy says:
1. If p=none: You are in monitoring mode, allowing the analysis of emails without preventing illegitimate ones from reaching recipients’ mailboxes.
2. If p=quarantine: Illegitimate emails will be directed to recipients’ junk/spam folders but won’t be completely rejected.
3. If p=reject: You have successfully enforced DMARC to the highest policy and illegitimate emails are now being blocked.
4. If invalid: Your policy has typos or other issues. Review and correct the policy.
5. If No Record: You haven’t published a DMARC record.
Create and publish a new one.
0 Comments