The Domain-based Message Authentication, Reporting, and Conformance or DMARC record indicates what action a mail server takes when it receives an email from a domain that fails SPF record and DKIM record checks. It is a TXT record fundamentally, however, most service providers that support DMARC records should have a DMARC parameter template in their control panel, enabling you to fine-tune it. It has a lot of options you can use to enforce specific regulations. An excellent example is the option to reject all emails originating from a sub-domain of the domain name. Note that this ONLY occurs if SPF and DKIM verification fails. You can also define the number of emails you want the system to filter (percentage). Additionally, you may configure it to send reports for domains failing DKIM or SPF verification to a specific email account (for example, your webmaster or system administrator who is managing your service).
Here is an example of a DMARC record: