Properly implemented, the benefits to a domain using DMARC are allowing for authentication by a receiving mail server that the sender showing in the From header of a message arrived in a manner the organization approves of; i.e. anti-spoofing/forgery. It typically will result in better deliverability to inboxes vs spam folders, but can also help an organization prevent mis-use of their domain name. To implement effectively though, it should be used with an all or nothing policy, where all emails bearing the sending domain are required to be sent in a manner that abides by the published policy.

Thanks David. How can we boil this down? For the "All or Nothing," are you saying that if you configure to not receive the email reports then you are on the nothing side?

Oh, no I'm referring to the policy portion. You can set up a DMARC and/or SPF policy that states "mail from domain xyz.com MUST ONLY arrive from the following list of permitted systems", but you can also set a policy that states "mail from domain xyz.com MAY arrive from the following list of permitted systems." If you do the latter, the mail will generally not be treated much better than if you had no policy at all, making the effort probably not worth the outcome. If you do the former, you must ensure it's done properly and thoroughly or mail from legit sources would be rejected; and similarly, if something changes and the record is not updated to reflect that, same issue can result.

You won't generally receive undeliverable reports for forged emails if a strict policy has been put in place, because those messages would be rejected at delivery time, or the more intelligent filters would know they're rejecting due to forgery and that there's no point bouncing to the purported sender.