I've been reading about setting up SPF, DKIM, and DMARC. They say to start with p=none for monitoring, but I keep hearing about 'fixing issues' before switching to quarantine. What exactly are we supposed to fix? We've set things up, but we're noticing problems with emails from large universities forwarding our messages and messing up our headers, leading to SPF and DKIM failures. I reached out to one of the universities, and they said they can't do anything. So, what have you all done to resolve similar situations?
1 Answer
Usually, the focus is on ensuring that all services you run are included in your SPF and DKIM records. Sometimes, you might not be aware of services being used (shadow IT), so checking the list can help identify those. After fixing known services, you can confidently set your DMARC policy to quarantine or reject because anything else should ideally be spam.
Oh, so it's really about managing the list of services properly, right?