Red Bridge CyberRed Bridge Cyber
Customer Login
What We CheckHow It WorksPricingResearchAboutBlogCustomer Login

What is DMARC and why does MXToolbox keep flagging it?

DMARC is a DNS record that tells receiving mail servers what to do with email that claims to come from your domain but fails the SPF and DKIM authentication checks:

  • p=none — deliver it anyway (monitoring only)
  • p=quarantine — send it to spam
  • p=reject — reject it outright

MXToolbox flags DMARC findings constantly because most domains either have no record or run a policy with no teeth: about one in six Australian small business domains have no DMARC record at all, and 40% publish DMARC without an enforcing policy — monitoring without enforcement.* Without an enforcing policy, anyone can send email as your domain and receiving servers have been told not to stop it. The fix path is p=none with reports first, then p=quarantine, then p=reject.