Why DMARC matters more than ever: Email’s Not Dead season 6 ep. 1 recap

DMARC is no longer optional

The role of DMARC is growing. Once seen as a nice-to-have, DMARC has become essential in the fight against spoofing, phishing, and spam.

While DMARC may have been "the fun topic of 2024," in 2025 it’s evolved from a trendy niche subject to a major requirement. That’s why Mailgun is launching native DMARC integration in partnership with Red Sift. The integration offers a single, user-friendly page for setting up SPF, DKIM, and DMARC — all at once.

A strategic partnership with Red Sift

By collaborating with Red Sift, a leader in email security, Mailgun can make sure its customers don’t have to settle for a bare-minimum tool.

The result? Mailgun is now one of the few ESPs providing comprehensive domain authentication tools in a user-friendly, self-service environment.

So let’s break down what DMARC policies mean and how that impacts what the future of authentication looks like.

What p=none really means (and why it’s not enough)

There are three DMARC policy types:

• p=none — Monitor only, no action taken.

• p=quarantine — Messages that fail authentication get sent to the spam folder.

• p=reject — Messages that fail DMARC are blocked completely.

Our experts know that p=none is just a starting point. Without reporting, a DMARC record isn’t doing much. Reports are the “R” in DMARC — and they provide crucial visibility into your domain’s email ecosystem. From unknown senders within your own organization to external threats, these reports shine a light on what’s really happening with your email.

Why reporting matters — and how Mailgun makes it easy

DMARC reporting has long been one of Mailgun’s most-requested features. With the new integration, users on paid Mailgun plans can now access aggregate reports directly in the UI. The interface is designed to be simple: green is good, red needs attention. It’s all about making complex authentication data clear and actionable.

Microsoft on the move — and what’s next

Gmail and Yahoo started enforcing new sender requirements in 2024 and now Microsoft may be planning upcoming moves. While Google and Yahoo led the charge, Microsoft is expected to follow with similar sender requirements. Brian predicts Microsoft will introduce enforcement in the first half of 2025 — likely starting with a p=none requirement before tightening restrictions.

There’s also a chance that Google and Yahoo could increase their standards, potentially requiring enforced reporting or stronger policies like p=quarantine.

BIMI: From dangling carrot to cherry on top

BIMI (Brand Indicators for Message Identification) is no longer just a flashy add-on. The email specification that allows logo branding in the inbox has long been an afterthought since having DMARC is required. With domains being brought into compliance through DMARC enforcement, more senders are in a position to implement BIMI — and they should.

BIMI adoption is growing, with new providers like Comcast testing the feature. Even Apple Mail now supports it, making logo display more visible in the inbox and impactful than ever.

Deliverability isn't just about authentication

While DMARC is a critical step, it’s not a silver bullet. Content quality, list hygiene, user engagement, and unsubscribe management still play massive roles in inbox placement.

Wrapping up

With the new Mailgun/Red Sift DMARC integration rolling out by March 2025, Mailgun users will be well-equipped to stay compliant and keep email secure.

DMARC may not be the easiest topic to digest, but as Brian puts it: “It makes the ecosystem better.” And when authentication is done right, everyone wins — senders, receivers, and everyone in between.

Resources

Head to Red Sift to check your domain's BIMI or DMARC status?

Watch the full video episode on YouTube or listen on your favorite podcast platform. Emails Not Dead, Season 6 — now in video.