alt Hacker News> According to Validity’s analysis of 22 million sending domains, 84% have no DMARC record at all
One of those is mine (I have SPF records but no DKIM or DMARC). I don't seem to have any issues. I'm not a "bulk sender" though, and my domain has existed since 2002.
Meanwhile a whole lot of the spam I'm seeing comes either through gmail/outlook.com, or from domains with valid DKIM setups (either because the domain got owned, or because it was just 'correctly' set up... for spamming)
Yes, good spammers make sure their DMARC, DKIM and SPF are correct.
Most times I have to deal with issues are companies sending email enquiries from their website to their Office 365 hosted address when the sender is their own email address. Usually requires all 3 to avoid SPF/DMARC fails or mail going to Junk/Quarantine.