_dmarc.planningalerts.org.au has DMARC policy set to p=none #361

@benrfairless

Describe the bug
_dmarc.planningalerts.org.au has DMARC policy set to p=none, which only monitors email authentication failures without taking action. This leaves the domain vulnerable to email spoofing attacks.

To Reproduce
Steps to reproduce the behaviour:

  • Query DNS: dig _dmarc.planningalerts.org.au TXT
  • Observe the DMARC record contains p=none
  • Verify that spoofed emails from planningalerts.org.au addresses are not rejected or quarantined

Expected behaviour
DMARC policy should be set to p=quarantine or p=reject to actively protect against domain spoofing and email authentication failures.

Additional context

  • p=none provides visibility into email authentication issues but offers no protection
  • Attackers can send emails appearing to be from planningalerts.org.au addresses
  • Risk to user trust and organisational reputation
  • Should implement p=quarantine initially, then move to p=reject after monitoring
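
A check for the condition reported here, as an added example that is not part of the original issue or the project's code: it parses a DMARC TXT string (such as the answer returned by the dig query above) and classifies how far the policy is enforced. It goes slightly beyond the p= tag by also reading the standard pct and sp tags; the function names and sample records are constructed for illustration.

```python
# Added example: classify a DMARC TXT record (RFC 7489 tag=value syntax).
# Records in SAMPLES are constructed for illustration, not real lookups.
VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(txt):
    """Split a DMARC TXT record into a dict keyed by lower-cased tag name."""
    tags = {}
    for part in txt.strip().strip('"').split(";"):
        if "=" in part:  # skips the empty piece after a trailing ';'
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags

def assess_dmarc(txt):
    """Return (status, detail) for one TXT string found at _dmarc.<domain>."""
    first = txt.strip().strip('"').split(";", 1)[0].replace(" ", "")
    if first != "v=DMARC1":  # the version tag must come first
        return ("invalid", "record must start with v=DMARC1")
    tags = parse_dmarc(txt)
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        return ("invalid", "missing or unknown p= tag")
    if policy == "none":
        return ("monitor-only", "p=none: failures are reported, not acted on")
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        return ("invalid", "pct is not an integer")
    if not 0 <= pct <= 100:
        return ("invalid", "pct must be between 0 and 100")
    notes = []
    if pct < 100:  # policy is applied to only a share of failing mail
        notes.append(f"pct={pct} limits the policy to part of failing mail")
    if tags.get("sp", policy).lower() == "none":  # sp overrides p for subdomains
        notes.append("sp=none leaves subdomains monitor-only")
    if notes:
        return ("partial", "; ".join(notes))
    return ("enforcing", f"p={policy} applies to all failing mail")

SAMPLES = [
    "v=DMARC1; p=none; rua=mailto:reports@example.org",
    "v=DMARC1; p=quarantine; pct=25",
    "v=DMARC1; p=reject; sp=none",
    "v=DMARC1; p=reject",
]

if __name__ == "__main__":
    for record in SAMPLES:
        print(assess_dmarc(record)[0], "<-", record)
```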
