diff --git a/README.md b/README.md index 69496bf..5cced0c 100644 --- a/README.md +++ b/README.md @@ -14,8 +14,7 @@ changes happen from time to time** - IMAP4rev1 & SMTP server in one binary - [DKIM][dkim] signing and verification - [SPF][spf] policy enforcement - - [DMARC][dmarc] policy enforcement (experimental, - enable with `dmarc on` in smtp config) + - [DMARC][dmarc] policy enforcement - [MTA-STS][mtasts] policy enforcement * Simple to configure - Two steps (excluding messing with DNS) to get your own diff --git a/dist/vim/syntax/maddy-conf.vim b/dist/vim/syntax/maddy-conf.vim index db99609..94fa097 100644 --- a/dist/vim/syntax/maddy-conf.vim +++ b/dist/vim/syntax/maddy-conf.vim @@ -78,6 +78,7 @@ syn keyword maddyDispatchDir \ reject \ deliver_to \ reroute + \ dmarc " grep --no-file -E 'cfg..+\(".+", ' **.go | sed -E 's/.+cfg..+\("([^"]+)", .+/\1/' | sort -u syn keyword maddyModDir diff --git a/maddy.conf b/maddy.conf index df3d132..23984dd 100644 --- a/maddy.conf +++ b/maddy.conf @@ -53,6 +53,10 @@ smtp tcp://0.0.0.0:25 { apply_spf } + # Enforce sender's DMARC policy. + # Report generation is not implemented yet. + dmarc on + modify { # Implement plus-address notation. replace_rcpt /(.+)\+(.+)@(.+)/ $1@$3 diff --git a/man/maddy-smtp.5.scd b/man/maddy-smtp.5.scd index faceec1..0458106 100644 --- a/man/maddy-smtp.5.scd +++ b/man/maddy-smtp.5.scd @@ -20,6 +20,7 @@ smtp tcp://0.0.0.0:25 { max_message_size 32M auth pam defer_sender_reject yes + dmarc yes # Example pipeline ocnfiguration. destination example.org { 
@@ -104,6 +105,17 @@ Amount of RCPT-time errors that should be logged. Further errors will be handled silently. This is to prevent log flooding during email dictonary attacks (address probing). +*Syntax*: dmarc _boolean_ ++ +*Default*: yes + +Enforce sender's DMARC policy. Due to implementation limitations, it is not a +check module. + +*NOTE*: Report generation is not implemented now. + +*NOTE*: DMARC needs apply_spf and verify_dkim checks to function correctly. +Without these checks, you will get false negatives. + # Submission module (submission) Module 'submission' implements all functionality of the 'smtp' module and adds @@ -380,6 +392,10 @@ This configuration allows to specify alias local addresses to remote ones without being an open relay, since remote_queue can be used only if remote address was introduced as a result of rewrite of local address. +*WARNING*: If you have DMARC enabled (default), results generated by apply_spf +and verify_dkim checks inside a reroute block *will not* be considered in DMARC +evaluation. + *Syntax*: destination _rule..._ { ... } ++ *Context*: pipeline configuration, source block
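
Review bot: in dist/vim/syntax/maddy-conf.vim the new `\ dmarc` entry goes into the maddyDispatchDir keyword list next to reject, deliver_to and reroute, yet the man page hunk documents `dmarc` among the smtp module's own directives and maddy.conf sets it at the top level of the smtp block. If the directive is not accepted inside pipeline blocks, move it to maddyModDir so the highlighting matches where the parser allows it.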
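
Review bot: the line added to maddy.conf is spelled `dmarc on`, while the man page example in the same patch uses `dmarc yes` and the documented default is `yes`. Use one spelling in both places. Because the default is already yes, the comment above the line should also say so: an operator who deletes the line expecting DMARC to be switched off will still have it enforced, and needs the explicit negative value to disable it.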
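
Review bot: the new `dmarc` entry in man/maddy-smtp.5.scd (hunk at -104,6) declares `*Default*: yes`, but its second NOTE says the evaluation is only correct when apply_spf and verify_dkim are configured, so a setup that omits either check gets DMARC enforcement on unreliable input without asking for it. State which way the "false negatives" go (which messages end up accepted or rejected when a check is missing), and consider logging a warning at startup when `dmarc` is on and one of the two checks is absent. Minor wording: "is not implemented now" should read "is not implemented yet", as the maddy.conf comment already does.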
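
Review bot: the WARNING added before the `destination` syntax in man/maddy-smtp.5.scd (hunk at -380,6) says apply_spf and verify_dkim results produced inside a reroute block "will not" be considered, but it does not say what DMARC evaluation sees in their place or what the operator should do about it. With DMARC on by default, spell out the outcome for a message whose only SPF and DKIM checks sit inside reroute, and say where the checks have to be placed for their results to count.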