DMARC

DMARC builds on SPF and DKIM by adding a policy layer and reporting mechanism. Your DMARC record tells receiving mail servers what to do when an email fails authentication: none (monitor only), quarantine (send to spam), or reject (block entirely). A basic DMARC record looks like: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com For cold email, start with p=none to monitor without affecting delivery, then gradually move to p=quarantine and finally p=reject as you confirm all legitimate sending sources are authenticated. DMARC also provides aggregate reports showing who is sending email from your domain, helping you identify unauthorized use. Tools like GlockApps offer DMARC monitoring dashboards.