Sigh, sending threatening and harassing emails to students seems as though it's becoming more and more of a common thing. Here's the latest, from Gardner, Massachusetts. I'm wondering about a lot of missing details here. The message appeared to come from or via the portal's email system, but did it really? Was a user account hacked, or were the emails just relayed through a billion different spambots and maybe DMARC would have helped to block this?
People who are generally against DMARC tend to hate that it results in systems that can seem more closed than open. Email, and the internet in general, were initially built on the principle of openness, but bad actors love to ruin everything. For a system widely used by children, maybe a little more closed, restricted and secure is better than not. It seems to me that providers running these types of systems ought to be leading the way in email authentication and in the blocking of unauthenticated email messages.