DMARC p=none vs p=quarantine vs p=reject: what to use and when

If you have set up DMARC on your domain, you have probably seen the p= tag and wondered what each...

sabato 23 maggio 2026 New tab

419 words~2 min read

If you have set up DMARC on your domain, you have probably seen the p= tag and wondered what each value actually does. The difference matters a lot. The wrong policy can mean your legitimate emails get rejected, or that spoofed emails from your domain land in inboxes without any consequence.

Here is what each policy does and how to decide which one to use.

What DMARC does

DMARC tells receiving mail servers what to do when an email claiming to be from your domain fails authentication. An email fails DMARC when it fails both SPF and DKIM alignment checks.

The p= tag sets the policy for those failures.

DMARC p=none vs p=quarantine vs p=reject: what to use and when

DMARC p=none vs p=quarantine vs p=reject: what to use and when

Other newsrooms on this story

Related reading

DMARC Is Now a Proper Internet Standard: What Changed in RFC 9989/9990/9991

How I got my business emails through spam filters with SPF, DKIM, and DMARC

How to Check If Your Email Is Protected with SPF, DKIM and DMARC

SPF record syntax explained: a practical guide for developers

In a first, a ransomware family is confirmed to be quantum-safe

Hackers Are Finding New Ways to Hide Malware in DNS Records

Other newsrooms on this story

Related reading

DMARC Is Now a Proper Internet Standard: What Changed in RFC 9989/9990/9991

How I got my business emails through spam filters with SPF, DKIM, and DMARC

How to Check If Your Email Is Protected with SPF, DKIM and DMARC

SPF record syntax explained: a practical guide for developers

In a first, a ransomware family is confirmed to be quantum-safe

Hackers Are Finding New Ways to Hide Malware in DNS Records