On October 16, 2017 the U.S. Department of Homeland Security (DHS) announced that it would require federal agencies to implement email authentication (including DMARC) on their email-sending domains by January 15, 2018. The DHS directive, BOD 18-01, also required agencies to set their DMARC records to a policy of enforcement, which provides protection against email fraud, by October 16, 2018. That deadline has now passed.