@cybervegan @mwl It has definitely required keeping up with over the years. Fortunately the DMARC situation feels a lot more stable now than it did for quite a while, so it's less of a dark-art pile of chaos.Getting all of our clients moved over to fully DMARC-authenticated email — with all their third-party mailer services too — was a long process. I ended up updating our mail software to be able to automatically ingest and summarize DMARC reports, and that helped a lot with making sure everything was accounted for.But now that it's all done, we're seeing lots fewer instances of blatant forgery of mail from folks' domains, so it seems like it was a necessary shift.Kind of wild how the whole ecosystem was able to ease through that process together, and now we're at the point where it's effectively required. It took carrots and sticks from those big providers (who are prone to abuse that power as well), but the DMARC authentication itself seems to be a net gain now that the dust is settling.