Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication, policy, and reporting protocol. It’s built on top of Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) protocols. If neither of those authentication methods passes, the DMARC policy determines what to do with the message. Salesforce supports and recommends DMARC. It’s up to you to determine whether you implement it for your domain.

DMARC is a second layer of authentication after DKIM and SPF. If an email doesn’t pass DKIM and SPF authentication, DMARC policy tells the receiver what to do with the message. For example, it can reject some email messages and quarantine others.

Reference Link – https://help.salesforce.com/articleView?id=emailadmin_dmarc.htm&type=5