Hi. We’re an Office 365 customer. Virtually all of our email goes out through the MS cloud. Given this, is there any serious risk to setting our policy to Quarantine or Fail? Right now we have it at Pass.
I’m a newbie to all of this, so go easy.
I’ll go easy, but for the sake of accuracy only one of the three terms you have used is a policy. While a message will either pass or fail DMARC, those are not policies. You can define a policy of none, quarantine, or reject to be applied to messages that fail DMARC.
If you don’t know how your policy will affect your email, you are best to start with a policy of none and observe the results for a period long enough that you feel satisfied that an increase in the policy level will not impact legitimate messages. You can then increase the policy to quarantine and repeat the monitoring process before eventually implementing a reject policy.
This is one of the reasons that a DMARC monitoring service like dmarcian is a key company of an effective DMARC policy.
Thanks. Our “policy” is currently none. I guess i’m a little confused reading the monitoring reports and how to interpret them. Can you recommend a Dmarcian tech article/tutorial on how to go about making sense of the monitoring data?
You may want to run through these free courses.
It is my impression that DMARC reporting is more lax when the sender has a policy of none than when policy is quarantine or reject. For that reason, I prefer moving to quarantine quickly after a short period of monitoring with p=none. The pct=0 tag is very useful for fast-tracking to a stricter policy, but it should only be used temporarily to aid the transition.
What is the pct (percentage) tag in a DMARC Record? - dmarcian