What to do about spam emails already rejected by DMARC?

Question

I currently have DMARC implemented for my email domain. My underlying email is gmail.

Each week, I receive a report stating that the emails I send are fully aligned (between 50 and 200 from known domains like AWS or google). But for many months now most weekly reports have had 1500 or more emails which are not aligned. They are definitely not my emails. They are from IPs with no DNS, or domains like vdc.vn, vnpt.vn and prod-infinitum.com.mx.

My DNS record is rejecting non-aligned emails. Here is my DNS entry:

v=DMARC1; p=reject; pct=100; rua=mailto:[omitted this]; aspf=r;

I thought that after I set this to reject for a few months, the SPAM emails would taper off, because they would be rejected, but they have not.

My question is, is there something I should be doing to further block these SPAM emails? If my DMARC is working, why haven't these spammers 'given up' on using my domain?

Answer 1

Chris,

Success stories like your's is always awesome, it just shows that DMARC is working as it should. Stopping emails that didn't originate from you. Unfortunately, email spammers, are just that "Spamming" and some emails will get though, because DMARC is not enforced everywhere yet. Since you know some of those IP's you can look up who owns it in ARIN and send an email to their abuse department, if they have one listed. They should be able to put a stop to it.

Answer 2

The answer by Henry is absolutely correct.

In fact, it is recipient's mail server that would acknowledge DMARC policy and if recipient's mail server has not implemented DMARC, the email spoofed from your address will go to recipient's mail box.

Just wait for the time when all email servers implement DMARC.