SPF and DKIM both help authenticate email in different ways but do not enforce a policy. DMARC uses the authentication that both SPF and DKIM provide to enforce a policy and block sending from any source that fails this validation. 

Did this answer your question?