1. Help Center
  2. Getting started with EasyDMARC

How do I know whether I'm ready to switch to p=reject?

DMARC (Domain-based Message Authentication, Reporting and Conformance) is crucial for ensuring email authenticity through SPF and DKIM, aligning with the “From” address in emails. DMARC policies (p=none, p=quarantine, and p=reject) dictate how emails failing authentication checks are handled.

Initial Monitoring Phase

Begin with the p=none policy to monitor email flows without affecting delivery. This phase allows organizations to collect and analyze DMARC reports, crucial for identifying legitimate email sources and configuring SPF and/or DKIM appropriately.

Types of DMARC Reports

  • Aggregate Reports: Provide comprehensive data on authentication results, essential for analyzing email sources and their compliance.
  • Failure (Forensic) Reports: Detail specific email failures but are not widely supported by major ESPs like Google and Yahoo.

Challenges with Aggregate Reports

Managing XML-format Aggregate reports can be complex, especially with large volumes of data. EasyDMARC’s solution simplifies this with a dashboard that visualizes and categorizes email authentication results.

Understanding the EasyDMARC Solution

The dashboard categorizes emails into four tabs based on authentication results:

  1. Compliant: Emails that pass DMARC checks. Ensure both SPF and DKIM are correctly configured for these sources.
  2. Non-compliant: Emails that fail DMARC checks but may originate from legitimate sources. It’s crucial to review and fix these sources by configuring SPF and/or DKIM.
  3. Threat/Unknown: Potential malicious sources attempting to send fraudulent emails on behalf of your domain.
  4. Forwarded: Emails auto-forwarded by third parties. SPF typically fails, but DKIM should pass if correctly configured and message integrity is maintained.

Importance of Analyzing Non-Compliant Sources

Analyzing and fixing non-compliant sources is crucial. EasyDMARC’s solution provides Email Source Identification, guiding users on how to fix specific ESPs with SPF and DKIM with a single click. Access these features by clicking on the Gear Icons, as demonstrated in the screenshot above. We also have comprehensive articles available on resolving issues with well-known sources, which you can access here for detailed guidance.

Important: Only when all email channels (e.g., Marketing, Billing, Ops notifications, Sales) are properly configured should organizations consider enforcing stricter DMARC policies.

Transitioning to p=quarantine

Once legitimate sources are identified and fixed, organizations can consider the p=quarantine policy, which directs non-compliant emails to the recipient’s spam/junk folder. Continuous monitoring is essential during this phase to address any issues promptly.

Moving to p=reject

After thorough monitoring and ensuring all legitimate sources are compliant, organizations can advance to the p=reject policy. This policy rejects non-compliant emails outright at the recipient’s server, enhancing email security.

Continuous Monitoring

Even after enforcing the p=reject policy, continuous monitoring is crucial. Regularly review DMARC reports and adjust configurations as needed to adapt to changes in the email landscape.

Conclusion

Transitioning to the p=reject policy is a crucial step in safeguarding your domain's reputation and preventing cybercriminals from using it to send fraudulent emails on your behalf. By diligently identifying and resolving non-compliant sources and ensuring that all email channels are correctly configured, organizations can confidently implement stricter DMARC policies, strengthening their email security stance.