fixing the DMARC Policy

A guide to fixing the ‘DMARC Policy is Not Enabled’ error in 2025

Enabled error
DMARC Report
A guide to fixing the ‘DMARC Policy is Not Enabled’ error in 2025
Loading
/

You might have enabled DMARC, but unless you have correctly configured it and ensured that the policies are well implemented, you will face issues. Not to mention, your domain’s email deliverability will also face its blow. 

As a domain owner, it is important to understand that configuring your email-sending domain with DMARC just because the ESPs have mandated you to do so will not suffice in the constantly evolving threat landscape. After all, DMARC is not a protocol that you set once and simply forget about. It requires you to follow a strategic approach to protect your domain from phishing and spoofing attacks. 

If you think you’re doing everything right and yet encountering the  ‘DMARC Policy is Not Enabled’ error while sending emails, chances are that your DMARC implementation is incomplete or improperly configured

In this article, we will understand why you’re facing this issue and learn how to fix the ‘DMARC Policy is Not Enabled’ error. 

spoofing attack

Why are you encountering the ‘DMARC Policy is Not Enabled’ error?

Before we get into fixing the issue, let us understand why you’re coming across the “DMARC Policy is Not Enabled” error message in the first place.

The ‘DMARC Policy is Not Enabled’ error occurs when your domain isn’t fully set up to check and manage how emails are sent from it. Even if you’ve created a DMARC record, it might not be configured correctly, or it could be set to ‘none.’ This means your domain is only monitoring email activity but not stopping fake or unauthorized emails from being sent.

This may also mean there is no DMARC record altogether in your domain’s DNS settings or that your SPF and DKIM settings aren’t aligned with your DMARC policy. When these protocols do not align with each other, your emails may fail to authenticate, which might affect your email deliverability and leave your domain open to abuse.

DNS setting

How do you fix the ‘DMARC Policy is Not Enabled’ error?

Now that we know why the ‘DMARC Policy is Not Enabled’ prompt appears when you send emails to your clients, let us take a look at how you can fix this problem.

1. Define your DMARC policy 

As established earlier, you need to configure a DMARC policy, which will determine what will happen to the emails that fail SPF and DKIM authentication checks. You can set your DMARC policy to do one of three things:

2. Reject unauthorized emails

If you configure the DMARC policy at ‘p=reject,’ any email that fails both SPF and DKIM checks will be outrightly barred from reaching the recipient’s inbox. This is the strictest and the most secure option, as it prevents unauthorized or potentially harmful emails from being delivered. 

3. Hold off unauthorized emails for further review 

With the ‘p=quarantine’ DMARC policy, the emails that fail authentication are marked as suspicious and sent to the recipient’s spam or junk folder by the receiving server. The recipient then decides whether they want to engage with the email or ignore it. 

spam or junk folder

4. Do nothing about the unauthorized emails 

If you set the DMARC policy to ‘p=none,’ no action will be taken on emails that fail SPF and DKIM authentication checks. All emails, whether they pass or fail, will still be delivered to the recipient’s inbox. This policy is generally used for monitoring purposes, allowing you to collect data on email activity without affecting email delivery. 

5. Republish/Publish your DMARC record with the updated policy 

Once you’re satisfied with how your emails are waging with receiving servers, republish or publish your DMARC record with the updated policy. This means that when you upgrade your DMARC policy from p=none to p=quarantine or p=reject for stricter enforcement, you will have to update the DMARC record in your domain’s DNS settings to reflect the new policy. 

How do you address the ‘DMARC Quarantine/Reject Policy Not Enabled’ error?

If you see warnings like ‘DMARC Quarantine/Reject policy not enabled,’ ‘DMARC policy not enabled,’ or ‘No DMARC protection,’ it usually means your domain is set up with a DMARC policy of ‘none.’ This policy is useful for monitoring purposes but doesn’t actively stop unauthorized emails from being delivered.

email authentication

When you’re just starting with email authentication, it’s a good idea to use a ‘none’ policy to observe how emails are being sent and identify any issues without affecting delivery. However, a ‘none’ policy doesn’t offer protection against spoofing or impersonation. That’s why these error messages appear—they’re reminding you that your domain isn’t fully secured yet.

To fix this, you simply need to update the ‘p’ value in your DMARC record to either quarantine or reject, which enforces stricter rules

Here’s how your DMARC record might look before and after the update:

When in monitoring mode:

v=DMARC1; p=none; rua=mailto:xyz@example.com; ruf=mailto:xyz@example.com;

Enforcement (For rejecting unauthorized emails):

v=DMARC1; p=reject; rua=mailto:xyz@example.com; ruf=mailto:xyz@example.com;

Enforcement (For flagging suspicious emails):

v=DMARC1; p=quarantine; rua=mailto:xyz@example.com; ruf=mailto:xyz@example.com;
malicious attack

What’s next?

If you have followed the above steps and are no longer encountering the ‘DMARC Policy is Not Enabled’ error, good news: you’re now a step closer to improving your email deliverability and preventing malicious attacks

The next steps now are to monitor your DMARC reports regularly and fine-tune your email authentication setup as needed. These reports will give you valuable insights into how your domain is being used, including any unauthorized email activity or misconfigurations in your authentication settings. By staying on top of your DMARC reports and making adjustments as needed, you’ll keep your domain secure and ensure your emails reach the right inboxes.

security posture

If you’re unsure of how to make the best of DMARC’s reporting feature to strengthen your organization’s security posture, our team at DMARCReport is here to help you with it all! Get in touch with us to learn more. 

Similar Posts