{"id":2140,"date":"2021-12-17T07:36:19","date_gmt":"2021-12-17T07:36:19","guid":{"rendered":"https:\/\/kdmarc.com\/blog\/?p=2140"},"modified":"2026-04-28T12:04:01","modified_gmt":"2026-04-28T06:34:01","slug":"switching-dmarc-policy-to-reject","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/","title":{"rendered":"Switching DMARC Policy to Reject: Step-by-Step Guide"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">If you have already secured your domain with <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/kdmarc.com\/blog\/dmarc-a-prerequisite-for-email-domain-security\/\" target=\"_blank\" rel=\"noopener noreferrer\"><b>DMARC<\/b><\/a><\/span><span style=\"font-weight: 400;\">, you still have to make sure all the SPF, DKIM, and DMARC records are properly configured and the right DMARC policy has been enforced. While Reject is the strictest DMARC policy when it comes to security, it isn\u2019t always the most suitable choice for your domain. In this blog, we\u2019ll talk about <\/span><b>when is the right time to switch to the Reject policy and what is the best way to do it<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#What_are_the_3_DMARC_Policies\" >What are the 3 DMARC Policies?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#DMARC_None_Policy_pn\" >DMARC None Policy (p=n)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#DMARC_Quarantine_Policy_pq\" >DMARC Quarantine Policy (p=q)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#DMARC_Reject_Policy_pr\" >DMARC Reject Policy (p=r)<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#When_to_Set_DMARC_Policy_to_Reject\" >When to Set DMARC Policy to Reject?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Book_a_Free_Demo_Call_with_Our_People_Security_Expert\" >Book a Free Demo Call with Our People Security Expert<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Enter_your_details\" >Enter your details<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#How_to_Set_DMARC_Policy_to_Reject\" >How to Set DMARC Policy to Reject?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Step_1_Start_DMARC_Monitoring\" >Step 1: Start DMARC Monitoring<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Two_Types_of_DMARC_Reports\" >Two Types of DMARC Reports<\/a><ul class='ez-toc-list-level-5' ><li class='ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Aggregate_Reports_RUA\" >Aggregate Reports (RUA)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Forensic_Reports_RUF\" >Forensic Reports (RUF)<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Step_2_Continue_the_Analysis_of_DMARC_Reports\" >Step 2: Continue the Analysis of DMARC Reports<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Step_3_Switch_Your_DMARC_Policy_to_Quarantine\" >Step 3: Switch Your DMARC Policy to Quarantine<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Step_4_Switch_to_Reject_Policy\" >Step 4: Switch to Reject Policy<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Is_DMARC_Reject_Policy_Always_the_Right_Choice\" >Is DMARC Reject Policy Always the Right Choice?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#Conclusion\" >Conclusion<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">But before we dive into that, let\u2019s review the basics first.<\/span><\/p>\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_are_the_3_DMARC_Policies\"><\/span><span style=\"color: #000000;\"><b>What are the 3 DMARC Policies?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">There are 3 DMARC policies available for you to choose from according to your email domain security needs.&nbsp;<\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"2240\" height=\"1260\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/DMARC-1.webp\" alt=\"\" class=\"wp-image-11473\"\/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"DMARC_None_Policy_pn\"><\/span><span style=\"color: #000000;\"><strong>DMARC None Policy (p=n)<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Also known as a Monitoring Only policy, it instructs the ISPs to send the reports to the email address published in the RUA or RUF tag of your domain\u2019s DMARC record. Helping you gain deep insights into your email channel, this policy doesn\u2019t affect <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/increase-domain-reputation-and-email-deliverability\/\"><b>email deliverability<\/b><\/a><\/span><span style=\"font-weight: 400;\"> at all. <\/span><b>It allows all emails to reach the recipient\u2019s inbox<\/b><span style=\"font-weight: 400;\">, <\/span><b>regardless of whether or not they are DMARC-compliant<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"DMARC_Quarantine_Policy_pq\"><\/span><span style=\"color: #000000;\"><strong>DMARC Quarantine Policy (p=q)<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">In addition to sending reports, <\/span><b>this policy instructs the ISPs to redirect all the emails that fail DMARC authentication to the intended recipient\u2019s spam folder<\/b><span style=\"font-weight: 400;\">. Emails that successfully pass DMARC authentication are delivered to the recipient\u2019s primary inbox. While this policy helps in limiting the impact of email spoofing, it still allows spoofed emails to reach the receiver.&nbsp;<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"DMARC_Reject_Policy_pr\"><\/span><span style=\"color: #000000;\"><strong>DMARC Reject Policy (p=r)<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Apart from sending reports, <\/span><b>this policy instructs the ISPs to completely prevent any email failing DMARC authentication from being delivered<\/b><span style=\"font-weight: 400;\">. Emails that successfully pass DMARC authentication are delivered to the recipient\u2019s primary inbox. It effectively mitigates the impact of email spoofing by preventing all spoofed emails from reaching the recipient\u2019s inbox.<\/span><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"When_to_Set_DMARC_Policy_to_Reject\"><\/span><span style=\"color: #000000;\"><b>When to Set DMARC Policy to Reject?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Before you decide to set your DMARC policy to either reject or quarantine, it is essential to have insights into your email channel. Enforcing the DMARC None policy is the best way to gain the necessary insights. For this reason, <\/span>it is highly advisable to start your<b> <\/b><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/how-to-find-an-effective-dmarc-deployment-tool\/\"><b>DMARC deployment<\/b><\/a><\/span> process with the \u2018none\u2019 policy<span style=\"font-weight: 400;\">. This will allow you to correctly authenticate all authorized sources that send emails on behalf of your organization.\u00a0<\/span><\/span><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-774b6820a79f03d76aa30fdc7a083a56 wp-block-paragraph\"><span style=\"color: #000000;\"><b>Once all authorized sources have been properly authenticated and their DMARC compliance is<\/b><\/span> around 100%, you can enforce the reject policy. This will help in preventing low deliverability rates for legitimate emails. It is recommended to switch your DMARC policy to reject in small steps by using the percentage tag (pct) in the DMARC record. This will minimize the risk of reduced email deliverability and maximize the likelihood of legitimate email delivery<span style=\"color: #000000;\"><span style=\"font-weight: 400;\">.\u00a0<\/span><\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 80% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #183e8b !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #fff !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n        box-shadow: 0px 4.66px 22.99px 0px rgba(0, 0, 0, 0.10);;\n    }\n\n\n        .formSec .formSecTwo{\n            padding-top: 15px !important;\n            margin-bottom: 30px !important;\n        }\n\n\n    .tnp-email {\n        width: 80% !important;\n        box-sizing: border-box;\n        padding: 8px 10px;\n        display: inline-block;\n        border: 1px solid #ced4da;\n        background: #fff;\n        color: #000 !important;\n        font-size: 13px;\n        line-height: 20px;\n        border-radius: 2px;\n        padding-right: 30px;\n        margin-bottom: 0px;\n    }\n\n    .formSec {\n        border: 1px solid #ced4da;\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n       \/* border: 1px solid #183e8b;*\/\n         background: white;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n        padding: 10px !important;\n    }\n\n    .formSecTwo {\n        text-align:center !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        \n       margin-bottom: 60px !important;\n       color: #000!important;\n          margin-top: 5px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width:90% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 50px;\n             top: 20px;\n            transform: translateY(-50%);\n            pointer-events: none; \n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:#495057;\n        }\n\n\n     ::placeholder {\n        color: #495057;\n    }\n\n        ::-ms-input-placeholder { \n          color:#495057;\n        }\n\n\n        input:-webkit-autofill {\n            background-color: transparent !important;\n            -webkit-box-shadow: 0 0 0px 1000px white inset !important; \n            box-shadow: 0 0 0px 1000px white inset !important;\n            color: #495057 !important; \n        }\n\n        \n        input {\n            color:#495057 !important;\n        }\n\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n        width: 80% !important;\n         margin-bottom: 14px;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 90% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 25px;\n            top: 58%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\" font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Book_a_Free_Demo_Call_with_Our_People_Security_Expert\"><\/span>\n                        Book a Free Demo Call with Our People Security Expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/form.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <h4 style=\"margin-top: 0; font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Enter_your_details\"><\/span>Enter your details<span class=\"ez-toc-section-end\"><\/span><\/h4>\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon01.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon02.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon03.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon04.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_Set_DMARC_Policy_to_Reject\"><\/span><span style=\"color: #000000;\"><b>How to Set DMARC Policy to Reject?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">If you feel you have reached the stage where your domain is ready for the reject policy, here is a step-by-step guide to help you switch your DMARC policy to reject.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"Step_1_Start_DMARC_Monitoring\"><\/span><span style=\"color: #000000;\"><b>Step 1: Start DMARC Monitoring<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">First, start monitoring your domain by deploying DMARC<span style=\"font-weight: 400;\">. Once you have implemented DMARC, ISPs send DMARC reports to the email address published in your DMARC record every day.\u00a0<\/span><\/span><\/p>\n\n\n\n<h4 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"Two_Types_of_DMARC_Reports\"><\/span><span style=\"color: #000000;\"><b>Two Types of DMARC Reports<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">There are two types of DMARC reports sent by the ISPs- <\/span>Aggregate (RUA) and Forensic (RUF)<span style=\"font-weight: 400;\">. Here is some information about these reports.<\/span><\/span><\/p>\n\n\n\n<h5 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"Aggregate_Reports_RUA\"><\/span>Aggregate Reports (RUA)<span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Aggregate reports are sent to your email address every day for providing a detailed overview of your domain\u2019s email traffic. These reports <\/span><\/span><span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\"><span style=\"color:#000000\">list all IP addresses that have attempted to send emails from your domain<\/span><\/span><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">.<\/span><\/span><\/p>\n\n\n\n<h5 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"Forensic_Reports_RUF\"><\/span>Forensic Reports (RUF)<span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Forensic reports send you real-time alerts in case emails sent from your domain fail to deliver. These reports always include <\/span><b>original message headers and may include original messages<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">While monitoring your domain with DMARC in the initial stages<\/span><b>, make sure to set your DMARC policy to None<\/b><span style=\"font-weight: 400;\">. This ensures that you receive DMARC reports without any effect on your mail flow.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"Step_2_Continue_the_Analysis_of_DMARC_Reports\"><\/span><span style=\"color: #000000;\"><b>Step 2: Continue the Analysis of DMARC Reports<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Stay on None policy for a while and use that time to configure your domain\u2019s SPF and DKIM records.<\/b><span style=\"font-weight: 400;\"> In the meantime, keep an eye on all the DMARC reports you receive. These reports will inform you about which DKIM selectors are used and which senders are sending emails from your domain. They also show how many of your emails are passing and failing DMARC authentication.&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Make sure your SPF record includes all of your legitimate senders and nothing extra or unnecessary. Don\u2019t forget the <\/span><span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/spf-flattening\/\">importance of SPF flattening<\/a><\/strong><\/span><span style=\"font-weight: 400;\"> and make sure the number of DNS lookups doesn\u2019t exceed 10. Use a different DKIM selector for each sender and only include selectors that are in use. Make sure your DKIM keys are secure and periodically changed.&nbsp;<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"Step_3_Switch_Your_DMARC_Policy_to_Quarantine\"><\/span><span style=\"color: #000000;\"><b>Step 3: Switch Your DMARC Policy to Quarantine<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Once your SPF and DKIM records are configured properly, you can consider changing your policy to Quarantine. This policy causes all of your unauthenticated emails to be redirected to the recipient\u2019s spam. <\/span>While deciding whether or not you are ready for the Quarantine policy, take into account the type and number of emails that would be affected by the change<span style=\"font-weight: 400;\">.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">For instance, if a large number of emails being sent to customers and partners are failing DMARC authentication, it might not be the right time for you to switch to quarantine. Whereas, if only a small number of promotional emails are failing authentication, you might be ready for the switch. Depending on your priorities and mail flow, the readiness to enforce the quarantine policy can vary from domain to domain.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">As mentioned before, <\/span><b>it is highly advisable to set the policy in small steps by adjusting the percentage of emails for which the ISPs enforce the quarantine<\/b><span style=\"font-weight: 400;\">. For example, you can begin by setting the pct tag in your DMARC record to 5%. This means that only 5% of the unauthenticated emails will be redirected to spam. You can then slowly increase the percentage to 20% after making the required changes in the SPF and DKIM configurations. Doing this will allow you to ease into the quarantine policy without any major loss of legitimate mail flow.&nbsp;<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span class=\"ez-toc-section\" id=\"Step_4_Switch_to_Reject_Policy\"><\/span><span style=\"color: #000000;\"><b>Step 4: Switch to Reject Policy<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Once you are sure that your transition to quarantine has been completed and that very few of your emails are landing in spam, it\u2019s the right time to switch to the Reject policy. When enforced correctly, the Reject policy should not affect your email flow. Just keep in mind that this policy completely blocks out the unauthenticated emails.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>If any of your emails are still landing in the recipients\u2019 spam, you shouldn\u2019t switch your DMARC policy to Reject<\/b><span style=\"font-weight: 400;\">. It is recommended to switch to reject in small steps using the percentage tag, just like with quarantine. <\/span><b>Once you are sure that most of your important emails are reaching the recipients\u2019 primary inbox, you can switch the DMARC policy to full rejec<\/b><span style=\"font-weight: 400;\"><strong>t<\/strong>.&nbsp;<\/span><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Is_DMARC_Reject_Policy_Always_the_Right_Choice\"><\/span><span style=\"color: #000000;\"><b>Is DMARC Reject Policy Always the Right Choice?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Regardless of how accurately and carefully you authenticate your valid sources, <\/span><b>it is very rare for an organization to achieve 100% DMARC compliance on all the valid sources<\/b><span style=\"font-weight: 400;\">. Very often, a small percentage of the emails sent from valid sources fail DMARC authentication. This means that <\/span><b>at least a few of the legitimate emails sent from your domain will be blocked when you switch the DMARC policy to full reject<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">While switching to a full reject policy might result in the loss of a few legitimate emails, it is also very important for organizations to fully secure their email domain against impersonation and abuse. The adverse impact caused by the failure of delivery of a legitimate email is still much lower than the effect caused by a malicious email being delivered successfully.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">However, this is not the case for every organization. There are certain companies that need to prioritize deliverability over security. In these cases, <\/span><b>it is recommended to at least set your DMARC policy to a full quarantine<\/b><span style=\"font-weight: 400;\">. Doing this will not only lessen the impact of a malicious email slipping through but also make sure that all your legitimate emails are reaching the recipient, even if they sometimes land in spam.&nbsp;<\/span><\/span><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/media.giphy.com\/media\/QURMV9CNQd3DdmJOTg\/giphy.gif\" alt=\"Make Sure You Are Ready for Reject Policy\"\/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span><span style=\"color: #000000;\"><b>Conclusion<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">If the security of your email domain is a priority for you, it is a good idea to enforce the Reject policy. Before taking any action, ensure that your SPF and DKIM configurations are at a point where the policy will not affect your deliverability. Make sure you follow all the steps given above carefully to ensure maximum email deliverability as well as strong security.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">You can implement a DMARC deployment tool like <span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/tdmarc\"><b>TDMARC<\/b><\/a><\/span> to make the entire process much easier and hassle-free. Packed with an array of dynamic features like Smart SPF, Smart DMARC, Smart BIMI, and Automatic SPF Flattening, <a href=\"https:\/\/threatcop.com\/tdmarc\">TDMARC <\/a>can help you easily configure your domain\u2019s SPF, DKIM and DMARC records.\u00a0<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">To mark Cybersecurity Awareness Month, Threatcop collaborated with 31 respected CISOs and CTOs from prominent organizations. Together, we&#8217;re working towards a safer digital future. <\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/threatcop.com\/people-security-guide\"><img loading=\"lazy\" decoding=\"async\" width=\"4950\" height=\"1237\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/Copy-of-Insights-from-Indias-Prominent.webp\" alt=\"\" class=\"wp-image-11479\"\/><\/a><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Explore Here: <\/strong><a href=\"https:\/\/threatcop.com\/cybersecurity-awareness-month-video-gallery\">31 Cybersecurity Awareness Ideas from Security Leaders<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you have already secured your domain with DMARC, you still have to make sure all the SPF, DKIM, and DMARC records are properly configured and the right DMARC policy has been enforced. While Reject is the strictest DMARC policy when it comes to security, it isn\u2019t always the most suitable choice for your domain. [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":7277,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[46],"tags":[],"class_list":["post-2140","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dmarc"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>All You Need to Know About Switching DMARC Policy to Reject<\/title>\n<meta name=\"description\" content=\"Want to ensure strong email domain security by switching your DMARC policy to reject? Here&#039;s how you can do it correctly...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"All You Need to Know About Switching DMARC Policy to Reject\" \/>\n<meta property=\"og:description\" content=\"Want to ensure strong email domain security by switching your DMARC policy to reject? Here&#039;s how you can do it correctly...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-17T07:36:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-28T06:34:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/Switching-DMARC-Policy-to-Reject.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1250\" \/>\n\t<meta property=\"og:image:height\" content=\"1200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Dip Jung Thapa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dip Jung Thapa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"22 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/\"},\"author\":{\"name\":\"Dip Jung Thapa\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/75585994ee4cb3e8b24fe7375dc85ee8\"},\"headline\":\"Switching DMARC Policy to Reject: Step-by-Step Guide\",\"datePublished\":\"2021-12-17T07:36:19+00:00\",\"dateModified\":\"2026-04-28T06:34:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/\"},\"wordCount\":1538,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/Switching-DMARC-Policy-to-Reject.webp\",\"articleSection\":[\"DMARC\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/\",\"name\":\"All You Need to Know About Switching DMARC Policy to Reject\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/Switching-DMARC-Policy-to-Reject.webp\",\"datePublished\":\"2021-12-17T07:36:19+00:00\",\"dateModified\":\"2026-04-28T06:34:01+00:00\",\"description\":\"Want to ensure strong email domain security by switching your DMARC policy to reject? Here's how you can do it correctly...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/Switching-DMARC-Policy-to-Reject.webp\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/Switching-DMARC-Policy-to-Reject.webp\",\"width\":1250,\"height\":1200,\"caption\":\"Switching DMARC Policy to Reject\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/switching-dmarc-policy-to-reject\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Switching DMARC Policy to Reject: Step-by-Step Guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/75585994ee4cb3e8b24fe7375dc85ee8\",\"name\":\"Dip Jung Thapa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_5_1698662450.jpeg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_5_1698662450.jpeg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_5_1698662450.jpeg\",\"caption\":\"Dip Jung Thapa\"},\"description\":\"Co-Founder &amp; COO at Threatcop\u00a0 Department: Operations and Marketing Dip Jung Thapa, Chief Operating Officer (COO) of Threatcop, a leading cybersecurity company dedicated to enhancing people security management for businesses. With a profound understanding of cybersecurity issues, Dip plays a pivotal role in driving Threatcop's mission to safeguard people's digital lives.\u00a0\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"All You Need to Know About Switching DMARC Policy to Reject","description":"Want to ensure strong email domain security by switching your DMARC policy to reject? Here's how you can do it correctly...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/","og_locale":"en_US","og_type":"article","og_title":"All You Need to Know About Switching DMARC Policy to Reject","og_description":"Want to ensure strong email domain security by switching your DMARC policy to reject? Here's how you can do it correctly...","og_url":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2021-12-17T07:36:19+00:00","article_modified_time":"2026-04-28T06:34:01+00:00","og_image":[{"width":1250,"height":1200,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/Switching-DMARC-Policy-to-Reject.webp","type":"image\/webp"}],"author":"Dip Jung Thapa","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Dip Jung Thapa","Est. reading time":"22 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/"},"author":{"name":"Dip Jung Thapa","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/75585994ee4cb3e8b24fe7375dc85ee8"},"headline":"Switching DMARC Policy to Reject: Step-by-Step Guide","datePublished":"2021-12-17T07:36:19+00:00","dateModified":"2026-04-28T06:34:01+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/"},"wordCount":1538,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/Switching-DMARC-Policy-to-Reject.webp","articleSection":["DMARC"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/","url":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/","name":"All You Need to Know About Switching DMARC Policy to Reject","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/Switching-DMARC-Policy-to-Reject.webp","datePublished":"2021-12-17T07:36:19+00:00","dateModified":"2026-04-28T06:34:01+00:00","description":"Want to ensure strong email domain security by switching your DMARC policy to reject? Here's how you can do it correctly...","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/Switching-DMARC-Policy-to-Reject.webp","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/12\/Switching-DMARC-Policy-to-Reject.webp","width":1250,"height":1200,"caption":"Switching DMARC Policy to Reject"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/switching-dmarc-policy-to-reject\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Switching DMARC Policy to Reject: Step-by-Step Guide"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/75585994ee4cb3e8b24fe7375dc85ee8","name":"Dip Jung Thapa","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_5_1698662450.jpeg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_5_1698662450.jpeg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_5_1698662450.jpeg","caption":"Dip Jung Thapa"},"description":"Co-Founder &amp; COO at Threatcop\u00a0 Department: Operations and Marketing Dip Jung Thapa, Chief Operating Officer (COO) of Threatcop, a leading cybersecurity company dedicated to enhancing people security management for businesses. With a profound understanding of cybersecurity issues, Dip plays a pivotal role in driving Threatcop's mission to safeguard people's digital lives.\u00a0"}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/2140","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=2140"}],"version-history":[{"count":22,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/2140\/revisions"}],"predecessor-version":[{"id":13972,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/2140\/revisions\/13972"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/7277"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=2140"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=2140"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=2140"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}