Implementing DMARC, DKIM, and SPF isn't as hard as some might think. Having a p=reject DMARC implementation will have spoofed emails rejected with most mailbox service providers.
You can have an initial implementation in 3 steps:
https://dmarcly.com/blog/how-to-set-up- … easy-steps
If you need a comprehensive guide, or a deep dive into DMARC, DKIM, and SPF:
https://dmarcly.com/blog/how-to-impleme … tive-guide
