The DKIM and SPF procedures described above can be used to verify whether emails actually originate from the specified sender or whether the sending mail server is actually authorised to send emails for a specific sender domain.
However, neither of the procedures or checks contain any instructions concerning how the receiving mail server should proceed if the check is either successful or fails. DMARC fills this gap. The DMARC policy allows you to define the following options for handling failed DKIM or SPF checks:
‘none’ (= normal delivery of the email)
‘quarantine’ (= place the email in the SPAM folder)
‘reject’ (= email will not be delivered)
Note: DMARC requires a domain alignment that passes SPF and DKIM checks.
To use DMARC, you must store entries with your Internet Service Provider (ISP) in the Domain Name System (DNS) in which you define your DMARC policy.