OnDMARC will guide you through the steps of securing your email, these can be broadly explained as:
Phase 1 - Insight: Initially OnDMARC requires you to set-up a DMARC record in your DNS in reporting-only mode. This will have no impact on your email traffic. Once this DNS record is set-up OnDMARC will start receiving reports about whether your emails would pass or fail DMARC validation. OnDMARC will analyse these reports for 7 days before it starts providing your with actions.
Phase 2 - Actions: Once OnDMARC has enough information about your traffic it will start recommending actions on how to setup your SPF and DKIM records in order to have all you traffic DMARC compliant. It won't be until all your legitimate email traffic is confirmed DMARC compliant that it will suggest you move into phase 3.
Phase 3 - Protection: Having confirmed that all your legitimate traffic is DMARC compliant, OnDMARC will now require you to modify the policy on your DMARC DNS record to instruct receivers of emails from your domain to reject emails that fail validation. At this point your domain is protected. OnDMARC will continue to monitor your traffic and alert you about any problems with your email traffic.
The Journey to Full Protection with OnDMARC.