A DMARC policy SHALL be published for every second-level domain.

Why This Matters

Without a published DMARC policy for your second-level domains, attackers can easily spoof your domain in phishing emails, damaging your organization's reputation and eroding trust with recipients. A DMARC policy helps email receivers authenticate messages from your domain, reducing the risk of spoofing and ensuring legitimate emails are delivered properly.

What Aether365 Checks

This check verifies that a DMARC DNS record exists for every second-level domain under your tenant. It appears in the Aether365 dashboard under the microsoft-365 section, alerting you to domains that still lack a published policy.