DMARC p=none explained (and why it's not enough)
DMARC p=none is the monitor-only policy: receiving servers send you reports about messages that fail DMARC, but they still deliver those messages. It is the correct first step because it gives visibility without risking your legitimate mail — but it provides zero protection against spoofing. To actually block impersonation you must progress to p=quarantine and then p=reject.
Check your domain now with the free DMARC checker — see your SPF, DKIM and DMARC status in seconds.
What p=none actually does
The "p" tag is the policy receivers apply to mail that fails DMARC alignment. p=none means "take no action, just report." You get aggregate (rua) reports showing which sources send as your domain, which is invaluable for finding legitimate senders you forgot about — but a forged message still lands in the inbox.
Why staying at p=none is risky
Many domains publish p=none and never move on, believing they are "DMARC protected." They are not. Anti-spoofing protection only exists at p=quarantine (fail mail to spam) or p=reject (block it outright). Leaving p=none in place indefinitely gives a false sense of security while attackers can still impersonate you.
How to move from p=none to p=reject safely
Read your aggregate reports until every legitimate sender passes SPF or DKIM alignment. Then change the policy to p=quarantine (optionally with pct=25 to ramp gradually), monitor again, and finally set p=reject. VeruMail tracks your reports and tells you when it is safe to tighten the policy without losing legitimate mail.
Frequently asked questions
Is DMARC p=none secure?
No. p=none only monitors and reports; it does not stop spoofing. Real protection requires p=quarantine or p=reject.
How long should I stay on p=none?
Usually one to four weeks — long enough to confirm all legitimate senders pass alignment before you tighten the policy.
Fix this for your domain — free
Create a free account for the exact DNS records and 24/7 monitoring of your first domain, free forever.
Start free