- An attacker can send out a forged email pretending to be from your IP Address (known as IP spoofing)
- When an organization has any third party, e.g marketing companies, forwarding emails on their behalf, these emails will be perceived as fraud emails since they are not authorized in the SPF record. You may get over this issue by including theirs Email sending IPs in your authorized IPs list. At times when they change their IPs for their own reasons, it may be challenging to maintain their IP list in your SPF configuration.
No, it will not.
We only move to stage 3 once we have high confidence that we have identified all the email outgoing points (IPs) and accordingly have configured the authorized IPs, and digital signatures for all those points.
We will incrementally increase the percentage of emails being impacted by this policy. At a low percentage level, if NO legitimate emails get quarantined, we can move onto a higher percentage until we reach 100%. At each percentage level, the impact on emails is analyzed to verify that the legitimate emails are NOT being quarantined, eventually leading up to Quarantine Policy on 100% of the emails. This will enable us to move on to Stage 4 of DMARC.
DMARC reject policy tells the recipient of your emails that if both SPF and DKIM checks fail, reject the email.
Yes, it will impact all your emails.
The quarantine policy percentage levels help verify that no legitimate email is impacted by the DMARC policy. In other words, your SPF and DKIM records are properly configured with all your email sending points authorized. This enables the implementation of the reject policy on 100% of your emails, which will make you DMARC compliant.
Yes, it will, ONLY if your legitimate email fails the SPF and/or DKIM check. Since the quarantine policy percentages helped us verify and authorize all your legitimate email sending points, the only emails that would fail SPF and/or DKIM check would be forged (spoofed) emails.
You being on DMARC reject policy is the reason for enabling forensic reports. Since your SPF and DKIM mechanisms are implemented and working properly, the ONLY emails to be perceived as forged (spoof) will be genuine spoof attempts of your email domain. Furthermore, these reports will help analyze the data within these forged emails to identify what type of malicious URL or attachment was used.