Those actions come up because we do not know if you have introduced any new sources of email, or not, since you have changed your DMARC record to reject. If you in the future introduce a new source of email and we see failures, you would click on yes and then you will have to configure the source with SPF and DKIM.

This gives you visibility as to who is sending emails on your behalf and helps you determine if they are indeed legitimate or not.

Over time, spammers/spoofers will discover that your domain is in DMARC reject and they will stop trying to impersonate your domain. 

Did this answer your question?