Notice: DMARC Policy for comcast.net

Around July 15th, 2024, Comcast will change the DMARC record for Comcast.net to provide more protection for Comcast email users. 

Most importantly, this will have no impact on users currently using Xfinity Connect (Webmail) or third-party email clients (Outlook, Thunderbird, etc.) utilizing the standard Comcast email settings.

We intend to change the DMARC record to a policy of quarantine for the primary domain and to reject for subdomains.  Today, those policies are none and quarantine respectively.   This means that if someone is using comcast.net in the "Friendly From" and is sending through an unapproved system, those messages should be treated as undesirable (most likely placed in the spam folder) by a system that receives those messages, and properly evaluates DMARC and its dependencies.

Generally, DMARC (RFC7489) is used to help defend against direct domain (RFC5322) impersonation.  It relies upon SPF and DKIM to authenticate messages.   The mechanism includes a policy to inform receivers how to handle messages when there is no valid authentication. There is also a reporting component to allow domain owners to understand when others are attempting to improperly use their domain.