In order to successfully deploy DMARC, there are a few security dependencies you must keep in mind:
1. DNS: In order to support SPF and DKIM as part of the DMARC standard, you need to ensure the security of DNS.
2. Private keys are secured. DMARC depends on DKIM and therefor the security of the private keys used for signing the messages must be assured.
3. Accurately maintained authorized senders list. DMARC relies on SPF, and in order for SPF to be configured correctly, you need to ensure that you have all valid sending IPs listed in the SPF txt record. You will need to ensure this list is maintained to ensure no new senders are blocked due to not being listed.
4. Make sure best practices are being used when sending outbound mail. It is important to ensure your outbound mail servers are not compromised by spam bots or malware. DMARC is in place to help with unauthenticated mail. DMARC can not help you protect mail that has been sent from authenticated sources that have been infected.
5. Ensure you can Quarantine mail. DMARC relies on the concept of message quarantining. You will need to ensure that your mailbox service provider and the user interface have this option available if you plan on making use of the quarantine policies.