Skip to main content
Version: 2.1.1-preview

Test-MtDomainsDmarcRecordMaturity

SYNOPSIS

Checks maturity of policies and percentage values in DMARC records for all Entra registered domains.

SYNTAX

Test-MtDomainsDmarcRecordMaturity [-ProgressAction <ActionPreference>] [<CommonParameters>]

DESCRIPTION

A DMARC policy SHALL be published for every managed and verified domain in the Entra tenant. The DMARC record should have a policy of reject and a percentage value of 100% to be considered mature and passing the test. Any policy with pct < 100 or quarantine policy will result in a "Low" severity fail. none policies result in a failed test with "Medium" severity, assuming that only fully missing DMARC entry results in a "High" severity.

Domains that are newly registered (initial), do not have DMARC information available, or are not applicable (e.g., onmicrosoft.com) will be skipped with appropriate reasons provided in the test details.

By ensuring that all managed and verified domains have a mature DMARC record, organizations can significantly reduce the risk of email spoofing and phishing attacks, thereby enhancing their overall security posture.

For more information on DMARC record maturity and best practices, please refer to the following resources:

EXAMPLES

EXAMPLE 1

Test-MtDomainsDmarcRecordMaturity

Returns true if all DMARC records for managed and verified domains have a policy of reject and a percentage value of 100%. Otherwise, returns false with details on the maturity status of each domain's DMARC record.

PARAMETERS

-ProgressAction

{{ Fill ProgressAction Description }}

Type: ActionPreference
Parameter Sets: (All)
Aliases: proga

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

OUTPUTS

System.Boolean

NOTES

https://maester.dev/docs/commands/Test-MtDomainsDmarcRecordMaturity