Only you need to have DMARC in order to protect your domain from being used in phishing attacks. Almost all email receivers are DMARC enabled so they will be able to execute your DMARC configuration.

Did this answer your question?