I have spf and/or dkim set up for all legitimate sources of mail for my domain. Dmarcian xml parser reports show in the Policy Details table that my policy and subdomain policy are set to Quarantine. I’m gradually stepping up the percentage.
Hundreds of emails from my domain are listed in every report under DMARC Capable with high or perfect compliance rates.
Every few days, under the threat section, there’s activity listed under Other Servers. Right under Other Servers, it says “p=none Policy Applying To x of x messages.” Under that, all activity is listed under nxdomain in a table, and there is a line in that table for my domain – the same domain from which DMARC compliant mail is indicated in the DMARC Capable section. No policy is applied to this mail.
It seems that while the policy is set properly in DNS records, and respected enough by dmarcian to be listed in the report’s Policy Details, the same quarantine policy is not being respected by Threat/Unknown mail, which is listed under nxdomain, even though the domain listed in nxdomain table is the same exact domain that should be respecting the policy.
Can someone help me understand what I’m missing here and how to apply a quarantine policy to threat/unknown mail from my domain listed under nxdomain?