DMARC
DMARC is Domain-based Message Authentication, Reporting and Conformance, a technical standard that helps protect email senders and recipients from advanced threats that can be the source of an email data breach. DMARC email security provides a way for domain owners to outline their authentication practices and specify the actions to be taken when an email fails authentication. DMARC also provides a way for recipients to report on email that fails authentication.
Starting in February 2024 leading mailbox providers will require email senders to publish a DMARC record for domains sending more than 5,000 emails per day. Yahoo and Google have published these requirements on their postmaster blogs.
It is recommended that a DMARC record is always added to your Domain Authentication, Google in particular host many domains for individuals and businesses, so it may not be obvious that you will exceed the 5,000 email limit by analysing your subscriber lists.
Authenticating a new domain has always required SPF and DKIM records to be configured, DMARC provides an additional layer of authentication which aligns both of these authentication techniques and allows for additional reporting. This is done by publishing an additional policy record in DNS.
Once the DMARC policy record has been published the Domain Authentication tool can be used to verify the policy and update the domain status within the system.
Standard DNS propagation means that it may take 24-48 hours for domain authentication to successfully complete in some scenarios.