🛡️ Free practice test question from: DMARC policy (Security+)

In DMARC (Domain-based Message Authentication, Reporting, and Conformance) policy configurations, the tags adkim and aspf are used to specify the alignment modes for DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework), respectively.

- adkim=r: This sets the DKIM alignment to relaxed. In relaxed mode, the DKIM signature is considered aligned if the domain in the d= tag of the DKIM signature shares the same organizational domain as the From: header, even if subdomains are used.

- aspf=r: This sets the SPF alignment to relaxed. Similarly, in relaxed mode, SPF alignment is considered successful if the domain in the Return-Path (used by SPF) shares the same organizational domain as the From: header.
Example of DMARC policy in DNS records:
TXT "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com; ruf=mailto:dmarc-forensic@example.com; adkim=r; aspf=r; pct=100; fo=1"

more info: https://www.cloudflare.com/learning/dns/dns-records/dns-dmarc-record/