DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a TXT record at _dmarc.<domain> that tells receivers what to do when SPF or DKIM checks fail and where to send aggregate reports.

DMARC Policy Check for yahoo.com

DMARC record looks good

Cached result — last checked 87s ago.

Raw record

v=DMARC1; p=reject; pct=100; rua=mailto:d@rua.agari.com; ruf=mailto:d@ruf.agari.com;

Policy p=reject — failing mail is rejected outright by receivers.

v	DMARC1	provided
p	reject	provided
sp		default
pct	100	provided
adkim	r	default
aspf	r	default
fo	0	default
rua	mailto:d@rua.agari.com	provided
ruf	mailto:d@ruf.agari.com	provided

These addresses are published by the domain owner in their public DMARC DNS record. To request removal, contact privacy@relaymetry.com.

The policy values p=none / p=quarantine / p=reject move from observation to enforcement. p=none reports issues without acting; p=quarantine routes failing mail to spam; p=reject blocks it outright. The pct= modifier scales enforcement (start at low pct=, ramp up).

Start with p=none + a working rua= reporting address to gather data without disrupting mail flow. Once reports show clean SPF + DKIM alignment for legitimate senders, ramp pct from 25 to 100 under p=quarantine, then promote to p=reject. Without a reporting address, DMARC enforcement is blind.