What is a DMARC policy?

A DMARC policy is the p tag inside a DMARC record. It tells email service providers (ESP) like Gmail who adopted DMARC what to do if an email fails the DMARC check.

A DMARC policy can take one of three values: none (monitor), quarantine and reject.

none: the ESP won't do anything with the unaligned emails and the emails appears inside the the receiver's inbox. This is also called the monitoring mode. One can analyze the DMARC reports and understand who is sending emails on your behalf. Once you get a good grasp of the status of your email program, you can move on to the quarantine policy.

quarantine: the ESP will put these unaligned emails in the spam folder for quarantine's sake. Like with the none policy, analyze the data and check who is sending email via your domain.

reject: the ESP will reject all emails that fail the DMARC check. None of the email messages will show up in the receiver's mailbox. While this policy blocks all emails sent from domain spoofers, it can also blocks completely legitimate emails from sources not yet on your whitelist. For example, if someone inside your organization uses 3rd-party email services to send emails, and these email services are not given permissions to send on your behalf, such email messages will be rejected!

You can choose the policy in the DMARCLY dashboard:


Do you find this article useful?