Many of the of the large cloud email providers (Google, Microsoft, Yahoo) do provide DMARC support by default but only for their consumers. Meaning, if you are using gmail.com, yahoo.com, outlook.com, live.com, and so on, then you are protected by DMARC.
However, your organization will still need to implement DMARC even though you are using a cloud email provider that supports DMARC. The reason for this is that these providers do not want to impact how messages are received, especially if the provider has set the DMARC policy to reject. If they did, then there is a possibility that legitimate email messages for your domain will be dropped without your knowledge and could take time to fix.
Most cloud email providers do allow for an organization to implement a DMARC policy for their own domain.
If your organization is using Google’s mail servers, then the following Google support guides should be used to setup your domains SPF, DKIM and DMARC records.
- Configure SPF records to work with Google Apps – https://support.google.com/a/answer/178723?hl=en
- Google – About DKIM – https://support.google.com/a/answer/174124?hl=en
- Google – About DMARC – https://support.google.com/a/answer/2466580?hl=en
If your organization is using Office 365, then the following Microsoft sites should be used to setup your domains SPF, DKIM and DMARC records.
- Setup SPF in Office 365 – https://technet.microsoft.com/en-us/library/dn789058(v=exchg.150).aspx
- DKIM – https://technet.microsoft.com/en-us/library/mt695945(v=exchg.150).aspx
Microsoft and DMARC – https://technet.microsoft.com/en-us/library/mt734386(v=exchg.150).aspx