Member Hub

    Mandates Matter: New EasyDMARC Report Links National Policy to Stronger DMARC Adoption

    A recent report from EasyDMARC, published 10 July 2025, presents strong evidence that government-mandated DMARC enforcement drives meaningful improvements in email authentication.

    The 2025 DMARC Adoption Report analyses anonymised data from more than 278 million emails sent in 2023 and a further 115 million between January and April 2025, spanning seven countries. The conclusion is clear: national-level mandates significantly reduce the prevalence of weak or permissive DMARC policies.

    Decline in Weak DMARC Policies

    The report tracks the use of the least effective policy setting, p=none, across jurisdictions with varying degrees of regulatory enforcement. Countries with comprehensive mandates showed sharp declines:

    • United States: use of p=none fell from more than 66% in 2023 to just 14.2% in 2025
    • Czech Republic: dropped from 89.8% to 22.2%
    • United Kingdom: fell from 85.1% to 10.1%

    In contrast, results were mixed or negative in countries without strong mandates. Germany and Canada, where enforcement is partial or sector-specific, saw inconsistent improvements. The Netherlands and Qatar—both lacking national requirements—experienced an increase in permissive DMARC configurations.

    Policy Implications

    The report provides quantifiable support for legislators considering mandatory DMARC adoption. In every country studied, regulatory pressure was a key factor in improving policy strength and alignment.

    It also creates a benchmark for industry: businesses operating in jurisdictions without mandates are falling behind in baseline email security and remain at increased risk of phishing, spoofing, and impersonation. EasyDMARC explicitly advocates for legal requirements, particularly phased transitions toward a p=reject policy.

    Compliance Recommendations

    For organisations aiming to align with best practices—or prepare for future regulation—the report outlines several key actions:

    • Publish a DMARC record if none exists; begin with p=none, but set a clear roadmap toward p=quarantine and ultimately p=reject
    • Align SPF and DKIM identifiers to ensure DMARC pass results
    • Monitor aggregate reports (RUA) to detect unauthorised use and adjust policies accordingly
    • Stay informed on legislative developments in relevant jurisdictions
    • Engage leadership with the operational benefits: better deliverability, improved protection against phishing, and stronger brand trust

    Timeline and Context

    • 10 July 2025: EasyDMARC publishes the 2025 DMARC Adoption Report
    • 2023–2025: Comparative data highlights the impact of government enforcement
    • 2025 onwards: Continued calls for mandatory adoption across global markets

    The report, titled National DMARC Enforcement: How Government Action Influences Email Security, is available at easydmarc.com.

    Share it :
    Picture of Emailexpert Editorial Team
    Emailexpert Editorial Team
    Articles published under this byline are produced by the Emailexpert editorial staff and contributors. Content reflects collective reporting and review rather than the work of a single author.
    Join 1250+ email pros who get the industry news first. Subscribe to emailexpert updates.

    Categories

    ..

    Vendor Directory

    Latest Posts

    logo-emailexpert
    List Your Business