{"id":18480,"date":"2024-03-12T10:36:00","date_gmt":"2024-03-12T10:36:00","guid":{"rendered":"https:\/\/easydmarc.com\/blog\/?p=18480"},"modified":"2025-10-14T14:15:56","modified_gmt":"2025-10-14T14:15:56","slug":"what-is-a-dmarc-policy","status":"publish","type":"post","link":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/","title":{"rendered":"What is a DMARC Policy?"},"content":{"rendered":"<h2>Key Takeaways<\/h2>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">A DMARC policy defines how email servers handle unauthenticated emails from your domain, helping prevent phishing and spoofing attacks.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">There are three DMARC policy options: &#8220;None&#8221; (monitoring), &#8220;Quarantine&#8221; (sends suspicious emails to spam), and &#8220;Reject&#8221; (blocks unauthenticated messages).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Starting with a monitoring policy (p=none) allows businesses to analyze email traffic before gradually enforcing stricter policies.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">A step-by-step approach <\/span><\/span>\u2013 moving from monitoring to quarantine, then to reject \u2013 ensures smooth DMARC implementation without disrupting legitimate emails.<\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">DMARC implementation requires ongoing monitoring and adjustment to maintain security and ensure all legitimate email sources are authenticated.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A DMARC policy is a set of DMARC rules that tells email servers what to do with unauthenticated emails from your domain name. It lets senders indicate that their email messages are SPF and DKIM compliant, which is important because over <a href=\"https:\/\/aag-it.com\/the-latest-phishing-statistics\/\">91% of cyberattacks<\/a><\/span><span style=\"font-weight: 400;\">\u00a0start with an email. For this reason, it&#8217;s vital to integrate email security best practices into your cybersecurity plan to avoid<\/span><a href=\"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/\"><span style=\"font-weight: 400;\"> business email compromise<\/span><\/a><span style=\"font-weight: 400;\"> and<\/span><a href=\"https:\/\/easydmarc.com\/blog\/phishing-attacks-recognize-and-avoid-email-phishing\/\"><span style=\"font-weight: 400;\"> phishing<\/span><\/a><span style=\"font-weight: 400;\">. One of the best ways to protect your email address against cyber threats is to implement and advance your domain&#8217;s\u00a0 <a href=\"https:\/\/easydmarc.com\/blog\/glossary\/dmarc\/\">Domain-based Message Authentication (DMARC)<\/a> policy for email authentication.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We&#8217;ll explore what a DMARC enforcement policy does, the three DMARC policy options, their importance and configuration, and best practices.<\/span><\/p>\n<p><iframe title=\"DMARC Policies: What is a DMARC Policy &amp; How to Transition From p=none to p=reject | EasyDMARC\" width=\"580\" height=\"326\" src=\"https:\/\/www.youtube.com\/embed\/yakVOi6_ZO0?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<h2><b>What Does a DMARC Policy Do?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">A DMARC policy has a protocol implementation that tells the email server what to do with a message after checking for <a href=\"https:\/\/easydmarc.com\/blog\/cleverreach-spf-and-dkim\/\">SPF and DKIM authentication<\/a>, like whether to accept, quarantine, or reject it. To implement a DMARC policy, you need to include it in your DMARC record, a set of instructions specifying your domain&#8217;s email authentication rules. This record is published as a Domain Name System (DNS) record, a publicly accessible entry that informs mail servers how to handle messages from your domain.To verify your DMARC records, make sure to try our <\/span><a href=\"https:\/\/easydmarc.com\/tools\/dmarc-lookup\"><span style=\"font-weight: 400;\">DMARC record check<\/span><\/a><span style=\"font-weight: 400;\"> tool.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DMARC doesn&#8217;t directly address whether a mail is spam or otherwise fraudulent. Instead, it requires that a message pass DomainKeys Identified Mail(DKIM) or Sender Policy Framework (SPF) validation and alignment. SPF verifies that the email comes from an IP address allowed by the domain&#8217;s DNS record, while DKIM ensures the message hasn&#8217;t been tampered with. If the mail fails these checks, the DMARC rules in a policy determines how the receiving server should handle the message.<\/span><\/p>\n<h2><b>Why Do You Need a DMARC Policy?<\/b><\/h2>\n<p><a href=\"https:\/\/easydmarc.com\/blog\/dmarc-step-by-step-guide\/\"><span style=\"font-weight: 400;\">Setting up a DMARC policy<\/span><\/a><span style=\"font-weight: 400;\"> positively impacts deliverability for legitimate senders. With DMARC implementation, you can tell receivers how to handle messages that fail authentication and protect your domain from spoofing and other phishing attacks.This includes outright denial of the message, or putting the message in DMARC quarantine.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DMARC also leverages other security standards to provide an additional layer of security:<\/span><a href=\"https:\/\/easydmarc.com\/blog\/understanding-dmarc-reports\/\"><span style=\"font-weight: 400;\"> DMARC reporting<\/span><\/a><span style=\"font-weight: 400;\">. Through monitoring, you can get in-depth knowledge about who is sending mails on your domain&#8217;s behalf with aggregate reports and forensic reports containing information about a sending server&#8217;s IP addresses.<\/span><\/p>\n<h2><b>What Are the Different DMARC Policy Options?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">There are three DMARC policy options that you can implement &#8211; monitoring, quarantine, or reject.<\/span><\/p>\n<h3><b>1. Monitoring Policy (p=none)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">This entry-level policy involves entering the DMARC record into DNS. The policy marker in the record syntax is p<\/span><i><span style=\"font-weight: 400;\">. <\/span><\/i><span style=\"font-weight: 400;\">When set to \u201cnone\u201d (p=none), <\/span><b>DMARC will just monitor your sending sources without taking action.<\/b><\/p>\n<p><span style=\"font-weight: 400;\">However, even with p=none, DMARC sends reports on how your email domain is used and whether messages pass or fail authentication checks. You can specify to which email addresses or web endpoints these reports should be sent by providing Uniform Resource Identifiers (URIs), in this case, a<\/span><a href=\"https:\/\/easydmarc.com\/blog\/what-are-rua-and-ruf-in-dmarc\/\"><span style=\"font-weight: 400;\"> RUF tag or a RUA tag<\/span><\/a><span style=\"font-weight: 400;\">. A RUF tag specifies where to send forensic reports, which provide detailed data about individual emails that fail DMARC checks. A RUA tag specifies where to send aggregate reports, which provide summarized data about all mails sent using the domain, including pass\/fail rates for DMARC, SPF, and DKIM.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">At this stage, unauthorized emails still find their way to the recipient&#8217;s inbox folder, but you can use the data to analyze who is sending messages on your domain&#8217;s behalf.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A monitoring policy is mainly recommended for an organization starting with DMARC implementation. When you have a good source analysis and data, you can move to the next level: Quarantine.<\/span><\/p>\n<h3><b>2. DMARC Quarantine Policy (p=quarantine)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">A DMARC quarantine policy sets the p tag to p=quarantine, instructing the receiving server to forward messages that failed the authentication DMARC checks to the recipient&#8217;s spam folder. Mails that pass the DMARC authentication checks are delivered to the receiver\u2019s inbox.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can gradually harden your DMARC rules and policy, increasing how strict it is by progressively blocking more messages that fail authentication by using the percentage tag (pct)<\/span><b> and setting it to a specific value that can pass into the inbox. <\/b><span style=\"font-weight: 400;\">The pct tag in DMARC sets the percentage of emails that fail authentication and will be affected by the policy. For example, setting pct=50 means only 50% of failing mails are quarantined or rejected. Gradually increasing this number (e.g. from 50 to 75 to 100) allows more unauthenticated messages to be handled, enabling a smooth transition to stricter enforcement.<\/span><\/p>\n<h3><b>3. Reject Policy (p=reject)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">A reject policy is the third level, where you set your p to reject<\/span><b>. With this configuration, you tell mail receivers not to deliver messages that fail the authentication checks.<\/b><\/p>\n<p><span style=\"font-weight: 400;\">P=reject will ensure that email messages that pass the checks will be delivered to the receiver&#8217;s inbox, while all fraudulent emails will bypass it. This is the best option for organizations that want to mitigate the impact of email spoofing.<\/span><\/p>\n<h2><strong>How to Configure Your DMARC Policy?<\/strong><\/h2>\n<p>To properly configure your DMARC policy, you must understand best practices, including staged rollouts common for <a href=\"https:\/\/easydmarc.com\/blog\/au\/ebook\/2025-state-of-dmarc-adoption-australia-global-insights\/\">DMARC adoption in Australia<\/a>. <span style=\"font-weight: 400;\">Many organizations jump straight to \u2018reject\u2019, and they end up preventing all (both legitimate and not) messages from getting to the recipient&#8217;s inbox.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With the reject policy, the mail receiver will block every message that doesn&#8217;t pass the authentication checks. So, it is essential to have proper monitoring to whitelist or authenticate outgoing email sources. Otherwise, the policy will reject all your important email messages as well.<\/span><\/p>\n<h3><b>Start with Monitoring<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">EasyDMARC&#8217;s experts recommend starting with &#8220;p=none\u201d to monitor your domain and gain insight from reports into who is sending messages on your domain&#8217;s behalf.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With these reports, you can identify legitimate email sources that receivers shouldn&#8217;t reject during authentication.<\/span><\/p>\n<h3><b>Don&#8217;t Skip Quarantine<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Once you have configured your legitimate email sources, you can now escalate your DMARC policy to quarantine. As mentioned above, all the unauthenticated messages get sent to the spam folder, while the authenticated ones land in the recipient&#8217;s inbox.<\/span><\/p>\n<h3><b>Move to Reject as a Final Step<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Now that you have marked all your legitimate email sources, you can set your DMARC policy to reject. The DMARC reject policy will block all unauthenticated email messages from reaching the receiver&#8217;s inbox. Note that even<\/span><a href=\"https:\/\/easydmarc.com\/blog\/what-happens-after-preject-beyond-the-dmarc-golden-standard\/\"> <span style=\"font-weight: 400;\">after p=reject<\/span><\/a><span style=\"font-weight: 400;\"> has been reached, it is still crucial to continuously monitor your DMARC reports.\u00a0<\/span><\/p>\n<h2><strong>Which DMARC Policy Should You Implement?<\/strong><\/h2>\n<p><span style=\"font-weight: 400;\">You should implement a DMARC policy of p=reject for the best protection against email security threats, but this can\u2019t be done overnight. Enforcing a DMARC reject policy immediately is not advisable because you experience a phishing attack. Depending on your infrastructure, DMARC implementation can take one to twelve months. EasyDMARC helps you reach p=reject 57 days faster than our competitors.<\/span><\/p>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p>Contact EasyDMARC\u2019s Support Team to help you through your DMARC implementation and enforcement implementation. We\u2019ll ensure that your organization reaches the DMARC reject policy without stress.<\/p>\n\n\n\n<p><a href=\"https:\/\/easydmarc.com\/contact-us\">Contact us today<\/a> for assistance.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Key Takeaways A DMARC policy defines how email &#8230;<\/p>\n","protected":false},"author":30,"featured_media":42714,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[204,285,203],"tags":[],"class_list":["post-18480","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-dmarc","category-email-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>EasyDMARC | What is a DMARC Policy?<\/title>\n<meta name=\"description\" content=\"A DMARC policy is how an email server decides what to do with a message after checking it. Learn more about this critical infrastructure with EasyDMARC.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is a DMARC Policy?\" \/>\n<meta property=\"og:description\" content=\"A DMARC policy is how an email server decides what to do with a message after checking it. Learn more about this critical infrastructure with EasyDMARC.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/\" \/>\n<meta property=\"og:site_name\" content=\"EasyDMARC\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/EasyDMARC\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-12T10:36:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-14T14:15:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2024\/10\/What-is-a-DMARC-Policy_-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1440\" \/>\n\t<meta property=\"og:image:height\" content=\"910\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Sarah Wilson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:site\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sarah Wilson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/\"},\"author\":{\"name\":\"Sarah Wilson\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/205f64b37b241d54a61f9b7d16c3c178\"},\"headline\":\"What is a DMARC Policy?\",\"datePublished\":\"2024-03-12T10:36:00+00:00\",\"dateModified\":\"2025-10-14T14:15:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/\"},\"wordCount\":1309,\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/What-is-a-DMARC-Policy_-1.jpg\",\"articleSection\":[\"Blog\",\"DMARC\",\"Email Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/\",\"name\":\"EasyDMARC | What is a DMARC Policy?\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/What-is-a-DMARC-Policy_-1.jpg\",\"datePublished\":\"2024-03-12T10:36:00+00:00\",\"dateModified\":\"2025-10-14T14:15:56+00:00\",\"description\":\"A DMARC policy is how an email server decides what to do with a message after checking it. Learn more about this critical infrastructure with EasyDMARC.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#primaryimage\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/What-is-a-DMARC-Policy_-1.jpg\",\"contentUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/What-is-a-DMARC-Policy_-1.jpg\",\"width\":1440,\"height\":910,\"caption\":\"dmarc policy\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-a-dmarc-policy\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Email Security\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/email-security\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"DMARC\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/email-security\\\/dmarc\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"What is a DMARC Policy?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/\",\"name\":\"EasyDMARC\",\"description\":\"Blog\",\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/#organization\",\"name\":\"EasyDMARC\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/img\\\/logo.png\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/EasyDMARC\\\/\",\"https:\\\/\\\/x.com\\\/easydmarc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/easydmarc\\\/mycompany\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/205f64b37b241d54a61f9b7d16c3c178\",\"name\":\"Sarah Wilson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7f2cab4b5083e4305631e460d5603e6d9413f10725c760a4ba644e557bcc7c7?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7f2cab4b5083e4305631e460d5603e6d9413f10725c760a4ba644e557bcc7c7?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7f2cab4b5083e4305631e460d5603e6d9413f10725c760a4ba644e557bcc7c7?s=96&r=g\",\"caption\":\"Sarah Wilson\"},\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/author\\\/sarah-wilson\\\/\"}]}<\/script>\n<meta property=\"og:video\" content=\"https:\/\/www.youtube.com\/embed\/yakVOi6_ZO0\" \/>\n<meta property=\"og:video:type\" content=\"text\/html\" \/>\n<meta property=\"og:video:duration\" content=\"248\" \/>\n<meta property=\"og:video:width\" content=\"480\" \/>\n<meta property=\"og:video:height\" content=\"270\" \/>\n<meta property=\"ya:ovs:adult\" content=\"false\" \/>\n<meta property=\"ya:ovs:upload_date\" content=\"2024-03-12T10:36:00+00:00\" \/>\n<meta property=\"ya:ovs:allow_embed\" content=\"true\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"EasyDMARC | What is a DMARC Policy?","description":"A DMARC policy is how an email server decides what to do with a message after checking it. Learn more about this critical infrastructure with EasyDMARC.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/","og_locale":"en_US","og_type":"article","og_title":"What is a DMARC Policy?","og_description":"A DMARC policy is how an email server decides what to do with a message after checking it. Learn more about this critical infrastructure with EasyDMARC.","og_url":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/","og_site_name":"EasyDMARC","article_publisher":"https:\/\/www.facebook.com\/EasyDMARC\/","article_published_time":"2024-03-12T10:36:00+00:00","article_modified_time":"2025-10-14T14:15:56+00:00","og_image":[{"width":1440,"height":910,"url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2024\/10\/What-is-a-DMARC-Policy_-1.jpg","type":"image\/jpeg"}],"author":"Sarah Wilson","twitter_card":"summary_large_image","twitter_creator":"@easydmarc","twitter_site":"@easydmarc","twitter_misc":{"Written by":"Sarah Wilson","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#article","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/"},"author":{"name":"Sarah Wilson","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/205f64b37b241d54a61f9b7d16c3c178"},"headline":"What is a DMARC Policy?","datePublished":"2024-03-12T10:36:00+00:00","dateModified":"2025-10-14T14:15:56+00:00","mainEntityOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/"},"wordCount":1309,"publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2024\/10\/What-is-a-DMARC-Policy_-1.jpg","articleSection":["Blog","DMARC","Email Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/","url":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/","name":"EasyDMARC | What is a DMARC Policy?","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#primaryimage"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2024\/10\/What-is-a-DMARC-Policy_-1.jpg","datePublished":"2024-03-12T10:36:00+00:00","dateModified":"2025-10-14T14:15:56+00:00","description":"A DMARC policy is how an email server decides what to do with a message after checking it. Learn more about this critical infrastructure with EasyDMARC.","breadcrumb":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#primaryimage","url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2024\/10\/What-is-a-DMARC-Policy_-1.jpg","contentUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2024\/10\/What-is-a-DMARC-Policy_-1.jpg","width":1440,"height":910,"caption":"dmarc policy"},{"@type":"BreadcrumbList","@id":"https:\/\/easydmarc.com\/blog\/what-is-a-dmarc-policy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/easydmarc.com\/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/"},{"@type":"ListItem","position":3,"name":"Email Security","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/email-security\/"},{"@type":"ListItem","position":4,"name":"DMARC","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/email-security\/dmarc\/"},{"@type":"ListItem","position":5,"name":"What is a DMARC Policy?"}]},{"@type":"WebSite","@id":"https:\/\/easydmarc.com\/blog\/#website","url":"https:\/\/easydmarc.com\/blog\/","name":"EasyDMARC","description":"Blog","publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/easydmarc.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/easydmarc.com\/#organization","name":"EasyDMARC","url":"https:\/\/easydmarc.com\/","logo":{"@type":"ImageObject","url":"https:\/\/easydmarc.com\/img\/logo.png"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/EasyDMARC\/","https:\/\/x.com\/easydmarc","https:\/\/www.linkedin.com\/company\/easydmarc\/mycompany\/"]},{"@type":"Person","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/205f64b37b241d54a61f9b7d16c3c178","name":"Sarah Wilson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d7f2cab4b5083e4305631e460d5603e6d9413f10725c760a4ba644e557bcc7c7?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d7f2cab4b5083e4305631e460d5603e6d9413f10725c760a4ba644e557bcc7c7?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d7f2cab4b5083e4305631e460d5603e6d9413f10725c760a4ba644e557bcc7c7?s=96&r=g","caption":"Sarah Wilson"},"url":"https:\/\/easydmarc.com\/blog\/author\/sarah-wilson\/"}]},"og_video":"https:\/\/www.youtube.com\/embed\/yakVOi6_ZO0","og_video_type":"text\/html","og_video_duration":"248","og_video_width":"480","og_video_height":"270","ya_ovs_adult":"false","ya_ovs_upload_date":"2024-03-12T10:36:00+00:00","ya_ovs_allow_embed":"true"},"jetpack_featured_media_url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2024\/10\/What-is-a-DMARC-Policy_-1.jpg","_links":{"self":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/18480","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/users\/30"}],"replies":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/comments?post=18480"}],"version-history":[{"count":12,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/18480\/revisions"}],"predecessor-version":[{"id":53827,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/18480\/revisions\/53827"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media\/42714"}],"wp:attachment":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media?parent=18480"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/categories?post=18480"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/tags?post=18480"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}