DMARC Policy Readiness
Understanding when you're ready to upgrade
DMARC Policy Readiness
The Policy Readiness card tells you whether your domain is ready to move to a stricter
DMARC policy. It performs a set of safety checks before you (or the system automatically)
upgrades from p=none → p=quarantine → p=reject.
The Three Policies
| Policy | Effect on Failing Email | When to Use |
|---|---|---|
| p=none | Delivered normally — monitoring only | Starting point. Collect data, identify sources. |
| p=quarantine | Sent to spam/junk folder | 95%+ compliance. Legitimate email still gets through. |
| p=reject | Blocked completely — not delivered | 99%+ compliance. Maximum protection against spoofing. |
Readiness Requirements
| Requirement | For Quarantine | For Reject |
|---|---|---|
| DMARC Pass Rate | 95%+ | 99%+ |
| Minimum Email Volume | 1,000+ messages in the monitoring period | |
| Stable Compliance | No significant drops in the last 30 days | |
| No Critical Failures | No high-volume sources with both SPF and DKIM failing | |
Readiness Status Indicators
All requirements met. You can upgrade now, or let the automated progression handle it.
Pass rate is close but not quite there. Approve a few more sources to push over the threshold.
Compliance is too low or there are critical unresolved failures. Fix authentication issues before upgrading.
Gradual Rollout with pct=
DMARC Busta uses the pct= tag to apply policies incrementally rather than
all at once. For example, when moving to quarantine, you might progress through:
p=quarantine pct=10— 10% of failing emails go to spamp=quarantine pct=50— 50% of failing emails go to spamp=quarantine pct=100— all failing emails go to spam
This lets you catch any unexpected delivery issues before full enforcement applies.
Don't Skip Quarantine
Going straight from p=none to p=reject is risky.
The quarantine phase gives you time to catch legitimate sources that may have been missed
during the monitoring phase, before they're completely blocked.