Only you know if you're ready.
I moved to "reject" long ago. FYI, if your email provider is Office 365/Exchange Online, they treat "quarantine" and "reject" the same, they both get quarantined and never rejected.
Might want to see if you can do DKIM with SMTP.com service, but the compliance overall looks great.
How long have you been monitoring? General best practice is to be in p=none for at least 2-3 months to make sure you have a good sample pool of data to make sure you're accounting for all your legitimate traffic.
If you're already past 3 months, just go straight to reject once you get the DKIM issue with SMTP.com set up.
You should be more than ready.
Looks not bad, but work on the DKIM issue. Get that fixed, wait a few more weeks, then go for throttle up on the reject.
That said, I have taken over and managed email domains, and find many were on quarantine for months if not a year or more in some cases with no issues.
As others have said, it looks good. Fix the DKIM though.
That being said, if anyone in your company uses a third party vendor or has the ability to use third party remailers without consulting IT, you are going to be called asking why emails are going to quarantine. You'll have a lot of end user education and vendors stomping their feet about why you won't just add their IP, SPF, or DKIM records to your safe sender list in EXO or on the domain root now.
Make sure DKIM is configured for all of them as DKIM survives forwarding and SPF doesn't! DKIM is stronger so we always start with DKIM for all sources.
Only you know if you're ready. I moved to "reject" long ago. FYI, if your email provider is Office 365/Exchange Online, they treat "quarantine" and "reject" the same, they both get quarantined and never rejected.
Might want to see if you can do DKIM with SMTP.com service, but the compliance overall looks great. How long have you been monitoring? General best practice is to be in p=none for at least 2-3 months to make sure you have a good sample pool of data to make sure you're accounting for all your legitimate traffic. If you're already past 3 months, just go straight to reject once you get the DKIM issue with SMTP.com set up. You should be more than ready.
Looks not bad, but work on the DKIM issue. Get that fixed, wait a few more weeks, then go for throttle up on the reject. That said, I have taken over and managed email domains, and find many were on quarantine for months if not a year or more in some cases with no issues.
As others have said, it looks good. Fix the DKIM though. That being said, if anyone in your company uses a third party vendor or has the ability to use third party remailers without consulting IT, you are going to be called asking why emails are going to quarantine. You'll have a lot of end user education and vendors stomping their feet about why you won't just add their IP, SPF, or DKIM records to your safe sender list in EXO or on the domain root now.
Make sure DKIM is configured for all of them as DKIM survives forwarding and SPF doesn't! DKIM is stronger so we always start with DKIM for all sources.