Skip to content
BlueStone Tech
Project 05 · Identity & Productivity

Managed DMARC

Stop scammers spoofing your domain. Most Australian SMBs don't have this set up.

Email us about this project See all 7 projects

What's included

Fixed scope. Written deliverables.

Every line below is in the Statement of Work. We don't expand scope mid-project; we don't shrink it. If something needs to change, we agree it in writing.

  • DMARC, SPF, and DKIM records configured for your domain
  • Move from p=none → p=quarantine → p=reject over 90 days, with monitoring
  • Monthly DMARC compliance report — see who's trying to spoof your email
  • Defends against business email compromise (BEC) — the #1 cyber-claim category in 2026

Frequently asked

About this project specifically.

What's the difference between p=none, p=quarantine, and p=reject?
p=none: 'tell me who's spoofing' (monitor only, no enforcement). p=quarantine: 'send spoofed mail to junk'. p=reject: 'bounce spoofed mail entirely'. We move you through these three states over 90 days because jumping straight to p=reject can break legitimate mail (e.g., your accounting system sending invoices on your behalf without proper SPF). The phased move is the safe path.
Will this break my marketing emails?
Only if your marketing platform isn't authorised to send on your behalf — which is exactly what DMARC is supposed to flag. We inventory all your sending services in week 1 (Mailchimp, Xero, ServiceM8, etc.) and authorise each one before moving past p=none. Done right, no legitimate mail is impacted.
Why $90/month after the setup?
DMARC reports come in daily as cryptic XML files from every receiving mail server. The $90/month covers parsing those reports, watching for new spoofing attempts, and alerting if a legitimate sending service starts failing authentication. Without this monitoring, DMARC becomes 'set and forget' (and you miss the alerts when they matter).

Other identity projects

Often paired with this one.

SaaS SSO via Entra ID

$1,800

Stop your team from juggling passwords. Single sign-on for the SaaS apps you actually use.

See project

Conditional Access Baseline

$2,400

Eight policies that block 90% of credential attacks. Designed and deployed in three weeks.

See project

Joiner-Mover-Leaver Automation Pack

$1,200

New hire on Monday, your IT does the rest. Same when someone leaves.

See project
Same-business-day email reply · no sales calls

Want a quote for Managed DMARC? It takes 2 minutes.

We'll email back with a tailored proposal — no calls, no follow-ups you didn't ask for.

Get a free quote Book a call