Open this lesson in your favourite AI. It'll walk you through the why, explain the demo, and quiz you on the try-it list.
DMARC builds on SPF and DKIM by telling receivers what to do when authentication fails — quarantine, reject, or monitor — giving domain owners active control over spoofed mail. Without a DMARC policy, passing SPF and DKIM alone offers no enforcement.
dig TXT _dmarc.yourdomain.com and identify the current p= value (none, quarantine, or reject).rua=) on a subdomain and after 24 hours open the XML aggregate report — count how many sources are sending mail as your domain.p=none to p=quarantine and send a deliberately SPF-failing message to a Gmail address to verify it lands in spam.Use these three in order. Each builds on the one before.
In one paragraph, explain what DMARC is and what the three policy levels (none, quarantine, reject) mean in practice.
Walk me through how DMARC uses SPF and DKIM alignment results to decide whether to accept, quarantine, or reject an email.
Given an enterprise moving from p=none to p=reject over 90 days, what monitoring steps and rollback triggers would you build into that timeline?