Configure DMARC Quarantine or Reject Policy
This article explains how to deploy a quarantine or reject policy for DMARC in Delivery Center.
The MxToolbox Policy Advisor feature is a guide to help you complete your DMARC policy deployment. Why do you need to fully deploy your DMARC policy? At minimum, a fully deployed DMARC record set to a reject policy will:
- Improve your Email Deliverability
- Stop domain impersonation and phishing attacks
- Prevent whaling and spear phishing attacks
DMARC Policy Tags
A DMARC policy tag allows an email sender to instruct the recipient what to do with a message that is not DMARC Compliant. These actions can be to quarantine the message, reject it, or allow the message to be delivered.
The "p" policy tag in a DMARC record tells the receiving mail server (the one that receives emails you send) what to do with an email that fails DMARC Compliance tests. That command can be as powerful as telling it to reject the message, quarantine the message (put it in the Spam/Junk folder), or simply do nothing (p=none).
DMARC Policy Tag Values
- p=none: With this directive, DMARC does not change how email is handled by the receiver. In other words, no action is taken on messages that fail DMARC.
- p=quarantine: This policy sets aside questionable emails, which are usually exiled to the Junk folder, for further processing.
- p=reject: When emails do not come from your email infrastructure, this designation has the receiver outright reject those messages that fail DMARC authentication.
So, how do I get started?
First, you will note a progress bar at the top of this page. It indicates where you are in deploying your DMARC. If you are just starting, it will show 0%. As you progress in deployment, this status will track toward 100% (which means fully deployed).
DMARC Policy
Along with the progress bar, you will see a section for DMARC Policy, which will display your current DMARC Record and a Recommended Change if our automated system detects that you are ready to adjust your DMARC policy toward the quarantine or reject stage.
Helpful tips: If you see the following status for your DMARC record, it means your record is not fully deployed and further steps are needed.
Additionally, on both the current record and the recommended change, you can click the Inspect button (noted below) to view information for Tests/Results. We validate both records to identify issues with your current record and verify that the recommendation is good, too.
Changing Your Policy
The Policy Advisor service helps guide you through incrementally increasing your DMARC status from none (no deliverability benefits) to quarantine and reject by making recommendations for changing your policy.
We recommend every domain start at none status while we verify your DMARC compliance rate looks healthy. Once your compliance rate consistently looks good for several days, the Policy Advisor will recommend you deploy a reject 10% policy. We believe starting your first recommendation at this stage will provide you with the biggest benefit and cut down on unnecessary time lost to slowly deploying DMARC using a quarantine step process.
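As an added example (not MxToolbox code), the Python below reads the policy stage out of a published DMARC record so each step can be checked after a change. It assumes the "reject 10%" style steps correspond to the standard p= and pct= tags; the sample records, example.com and the rua address are constructed.

```python
# Added example: read the policy stage out of a DMARC TXT record.
# Assumption: "reject 10%" style steps map to the RFC 7489 p= and pct= tags.

VALID_POLICIES = ("none", "quarantine", "reject")

def parse_dmarc(record):
    """Split a DMARC TXT record into a dict of lower-cased tag names to values."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing ';'
        name, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        tags[name.strip().lower()] = value.strip()
    return tags

def policy_stage(record):
    """Return (policy, pct) for a record, applying the pct default of 100."""
    tags = parse_dmarc(record)
    # v=DMARC1 must be the first tag, otherwise receivers ignore the record.
    first = record.split(";", 1)[0].replace(" ", "")
    if first != "v=DMARC1":
        raise ValueError("record must start with v=DMARC1")
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        raise ValueError(f"missing or unknown p= value: {policy!r}")
    pct = int(tags.get("pct", "100"))
    if not 0 <= pct <= 100:
        raise ValueError(f"pct out of range: {pct}")
    return policy, pct

def is_fully_deployed(record):
    """True only for reject applied to all failing mail (the page's 'reject 100%')."""
    return policy_stage(record) == ("reject", 100)

# Constructed sample records (example.com and the rua address are placeholders).
SAMPLES = [
    "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "v=DMARC1; p=reject; pct=10; rua=mailto:dmarc@example.com",
    "v=DMARC1; p=reject; pct=50; rua=mailto:dmarc@example.com",
    "v=DMARC1; p=reject; rua=mailto:dmarc@example.com;",
]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(policy_stage(rec), is_fully_deployed(rec), rec)
```

A record with no pct tag is treated as 100%, so the last sample is the only one that counts as fully deployed.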
Auto-Config and Editor Options
In the Edit Your DMARC Record section, you have two control method options: Auto-Config or Editor.
We strongly recommend enabling Automatic Configuration, which automatically moves your DMARC record from a policy of none through progressively stricter policies based on your DMARC compliance score. By enabling this feature, you don't have to manually publish these changes in your MxToolbox interface when we recommend moving to the next policy step (e.g., reject 10% to reject 50%, etc.). Instead, this setting automatically moves your DMARC policy to each subsequent step if your DMARC compliance scores remain high.
Note: MxToolbox checks your DMARC policy setup 25 days after completion with the goal of getting it to reject 100% status in under a month.
The Policy Progress and Policy Changes sections show the current status of your policy and any changes from your previous setup to your new configuration. To deploy your updated record after reviewing any changes, click the orange Enable New Policy button.
The Editor option lets you manually make changes to your DMARC record. For assistance, click the various info icons, which provide helpful content for each setting. You can change your DMARC features here and add values in this section. Click the checkmark to confirm or the "X" to cancel. Once done, click the orange Publish Policy button.