Thanks very much for the reply. I appreciate it. I really do. But for the record, I am actually fairly familiar with DNS settings.
What has my head spinning is things like this bit of instruction from the Google page that Shopify linked to:
“When you start using DMARC, we recommend a policy with enforcement set to none. As you learn how messages from your domain are authenticated by receiving servers, update your policy. Over time, change the receiver policy to quarantine, and finally to reject.”
It looks like you went straight to “quarantine.”
And then there’s this (also from Google):
Quarantine a small percentage of messages to start. After monitoring DMARC reports for at least a week with no adverse results, update your policy to quarantine , and add the pct tag to apply the policy to a small percent of your mail. For example: Add a policy that applies to 5% of messages and has enforcement set to quarantine.
v=DMARC1; p=quarantine; pct=5. If DMARC is working as expected, update your policy so the DMARC record policy is set to reject for 100% of messages.
It looks like you went straight to quarantining 100% of rejected messages vs phasing in per Google’s instructions. Maybe that’s fine…I don’t know.
Finally, it looks like you opted not to include an “rua” instruction in your DMARC record, which means you won’t receive any DMARC reports via email, right? Was that a conscious decision? I’m asking because Google says to include one. Maybe it’s not necessary. I don’t know. That’s part of what I’m trying to understand.
All in all, I’m still where I was at the outset: Maybe this is no big deal. But if you dig into the Google instructions that Shopify linked to, it doesn’t sound so simple.